5 matches found
CVE-2025-24867
SAP BusinessObjects Platform BI Launchpad does not sufficiently handle user input, resulting in Cross-Site Scripting XSS vulnerability. The application allows an unauthenticated attacker to craft a URL that embeds a malicious script within an unprotected parameter. When a victim clicks the link,...
CVE-2025-24867
creationtimestamp| type| source ---|---|--- 2025-02-11 01:11:18+00:00| seen| https://infosec.exchange/users/cve/statuses/113982588694186995 2025-02-11 01:16:04+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhuicsxtvi23 2025-02-11 03:07:55+00:00| seen|...
CVE-2025-24867 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence platform (BI Launchpad)
SAP BusinessObjects Platform BI Launchpad does not sufficiently handle user input, resulting in Cross-Site Scripting XSS vulnerability. The application allows an unauthenticated attacker to craft a URL that embeds a malicious script within an unprotected parameter. When a victim clicks the link,...
CVE-2025-24867 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence platform (BI Launchpad)
SAP BusinessObjects Platform BI Launchpad does not sufficiently handle user input, resulting in Cross-Site Scripting XSS vulnerability. The application allows an unauthenticated attacker to craft a URL that embeds a malicious script within an unprotected parameter. When a victim clicks the link,...
CVE-2025-24867
CVE-2025-24867 affects SAP BusinessObjects Platform (BI Launchpad). The issue is an XSS vulnerability caused by insufficient input handling in BI Launchpad, enabling an unauthenticated attacker to craft a URL with a malicious script in an unprotected parameter. When a user clicks the link, the sc...