CVE-2020-6288

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface allows an attacker with edit document rights to upload any file including script files without proper file format validation leading to Unrestricted upload of file with dangerous type vulnerability. The attacker c...

CVE-2020-6231

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface, version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

CVE-2020-6231

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface, version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

CVE-2020-6222

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

Cross site scripting

Web Intelligence HTML interface in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

Cross site scripting

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface, version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

CVE-2020-6226

SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface (v4.2) is affected by an XSS vulnerability due to insufficient encoding of user-controlled inputs. Cited sources describe the vulnerability as cross-site scripting affecting the Web Intelligence HTML interface; no...

CVE-2020-6222

CVE-2020-6222 affects SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface) versions 4.1 and 4.2. The issue is due to insufficient encoding of user-controlled inputs, causing Cross-Site Scripting (XSS). The vulnerability’s impact is described as low to medium depen...

CVE-2020-6221

The CVE-2020-6221 issue affects SAP Business Objects Business Intelligence Platform, specifically the Web Intelligence HTML interface, versions 4.1 and 4.2. The root cause is insufficient encoding of user-controlled inputs, leading to Cross-Site Scripting (XSS). The connected documents consistent...

CVE-2020-6221

Web Intelligence HTML interface in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

CVE-2019-0396

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, corrected in versions 4.1 and 4.2, does not sufficiently validate an XML document accepted from an untrusted source. An attacker can craft a message that contains malicious elements that will not be correctly...

CVE-2019-0396

SAP BusinessObjects BI Platform Web Intelligence HTML interface is affected by CVE-2019-0396 due to insufficient validation of an XML document from untrusted sources. The issue allows an attacker to craft XML with malicious elements that bypass filtering in certain workflows. Affected versions: 4...

CVE-2019-0377

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, before versions 4.2, does not sufficiently encode user-controlled inputs and allows an attacker to store malicious scripts in the input controls, resulting in Stored Cross-Site Scripting...

CVE-2019-0374

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the chart title resulting in reflected Cross-Site Scripting...

Cross site scripting

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows an attacker to save malicious scripts in the publication name, which can be executed later by the victim, resulting in...

CVE-2019-0378

SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML interface, before version 4.2, does not sufficiently encode user-controlled inputs and allows an attacker to store malicious scripts in the file name of the background image resulting in Stored Cross-Site Scripting...

CVE-2019-0374

SAP BusinessObjects BI Platform (Web Intelligence HTML interface) is affected by CVE-2019-0374. Versions prior to 4.2 and 4.3 fail to properly encode user-controlled inputs, allowing scripts to be executed in chart titles and resulting in reflected Cross-Site Scripting. Root cause: insufficient e...

Fedora Update for php-pecl-xhprof FEDORA-2013-18094

Check for the Version of php-pecl-xhprof OpenVAS Vulnerability Test Fedora Update for php-pecl-xhprof FEDORA-2013-18094 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

[SECURITY] Fedora 20 Update: php-pecl-xhprof-0.9.4-1.fc20

XHProf is a function-level hierarchical profiler for PHP. This package provides the raw data collection component, implemented in C as a PHP extension. The HTML based navigational interface is provided in the "xhprof" package...

Fedora Update for viewvc FEDORA-2008-8252

Check for the Version of viewvc OpenVAS Vulnerability Test Fedora Update for viewvc FEDORA-2008-8252 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...