Lucene search
K

9 matches found

EUVD
EUVD
added 2026/05/12 3:31 a.m.10 views

EUVD-2026-29369

Due to insufficient CSRF protection in SAP BusinessObjects Business Intelligence Platform ,an authenticated user could be tricked by an attacker to send unintended requests to the web server. This has low impact on integrity and availability of the application. There is no impact on confidentiali...

5.4CVSS5.8AI score0.00121EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/12 2:19 a.m.5 views

CVE-2026-0502

Due to insufficient CSRF protection in SAP BusinessObjects Business Intelligence Platform ,an authenticated user could be tricked by an attacker to send unintended requests to the web server. This has low impact on integrity and availability of the application. There is no impact on confidentiali...

5.4CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-30426

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00204EPSS
Exploits0References3
NVD
NVD
added 2025/09/23 2:15 a.m.5 views

CVE-2025-42907

SAP BI Platform allows an attacker to modify the IP address of the LogonToken for the OpenDoc. On accessing the modified link in the browser a different server could get the ping request. This has low impact on integrity with no impact on confidentiality and availability of the system...

4.3CVSS0.00204EPSS
Exploits0References2
CVE
CVE
added 2025/09/23 1:58 a.m.14 views

CVE-2025-42907

CVE-2025-42907 concerns SAP BI Platform. Multiple connected sources confirm a vulnerability where an attacker can modify the IP address in the LogonToken attached to OpenDoc, and when the modified link is opened in a browser, a different server could receive a ping request. The impact is describe...

4.3CVSS6.4AI score0.00204EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/23 1:58 a.m.10 views

CVE-2025-42907 Server-Side Request Forgery in SAP BI Platform

SAP BI Platform allows an attacker to modify the IP address of the LogonToken for the OpenDoc. On accessing the modified link in the browser a different server could get the ping request. This has low impact on integrity with no impact on confidentiality and availability of the system...

4.3CVSS0.00204EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/23 12:0 a.m.4 views

PT-2025-39106

Name of the Vulnerable Software and Affected Versions SAP BI Platform affected versions not specified Description An attacker can modify the IP address within the LogonToken associated with OpenDoc. Accessing the modified link in a web browser may redirect a ping request to a different server. Th...

4.3CVSS6.2AI score0.00204EPSS
Exploits0References6
OSV
OSV
added 2021/09/14 12:15 p.m.4 views

CVE-2021-33679

The SAP BusinessObjects BI Platform version - 420 allows an attacker, who has basic access to the application, to inject a malicious script while creating a new module document, file, or folder. When another user visits that page, the stored malicious script will execute in their session, hence...

5.4CVSS6.4AI score0.00473EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/01/12 12:0 a.m.8 views

SAP BusinessObjects Business Intelligence 跨站脚本漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and deploy...

5.4CVSS6AI score0.00529EPSS
Exploits0References5
Rows per page
Query Builder