Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:39 a.m.6 views

CVE-2022-35228

SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social engineering. On successfu...

8.8CVSS6.6AI score0.00539EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-20356

Malware in sbrugna...

5.4CVSS6AI score0.00473EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-35105

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.12 views

SAP BusinessObjects Business Intelligence Platform HTML Injection Vulnerability (3573199)

The version of SAP BusinessObjects Business Intelligence Platform installed on the remote host is prior to 2025 SP000 000200, 4.3 SP004 001300, or 4.3 SP005 000000. It is, therefore, affected by a vulnerability as referenced in the 3573199 advisory. An HTML Injection exists which allows an attack...

4.1CVSS5.7AI score0.00229EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/10 12:10 a.m.18 views

CVE-2025-23192 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence (BI Workspace)

SAP BusinessObjects Business Intelligence BI Workspace allows an unauthenticated attacker to craft and store malicious script within a workspace. When the victim accesses the workspace, the script will execute in their browser enabling the attacker to potentially access sensitive session...

8.2CVSS0.00342EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:51 a.m.6 views

CVE-2024-32732

Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restricted.This has low impact on Confidentiality with no impact on Integrity and Availability of the application...

5.3CVSS6.9AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:23 p.m.8 views

CVE-2022-22541

SAP BusinessObjects Business Intelligence Platform - versions 420, 430, may allow legitimate users to access information they shouldn't see through relational or OLAP connections. The main impact is the disclosure of company data to people that shouldn't or don't need to have access...

6.5CVSS6.6AI score0.00761EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:4 a.m.9 views

CVE-2019-0303

SAP BusinessObjects Business Intelligence Platform Administration Console, versions 4.2, 4.3, module BILogon/appService.jsp is reflecting requested parameter errMsg into response content without sanitation. This could be used by an attacker to build a special url that execute custom JavaScript co...

6.1CVSS7AI score0.008EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:43 a.m.7 views

CVE-2019-0332

SAP BusinessObjects Business Intelligence Platform Info View, versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting XSS vulnerability...

6.1CVSS6AI score0.00807EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:10 a.m.10 views

CVE-2019-0289

Under certain conditions SAP BusinessObjects Business Intelligence platform Analysis for OLAP, versions 4.2 and 4.3, allows an attacker to access information which would otherwise be restricted...

7.1CVSS6.7AI score0.0108EPSS
Exploits0References1
Rows per page
Query Builder