39 matches found
EUVD-2021-20356
Malware in sbrugna...
EUVD-2022-27692
Malicious code in bioql PyPI...
CVE-2022-22546
Due to improper HTML encoding in input control summary, an authorized attacker can execute XSS vulnerability in SAP Business Objects Web Intelligence BI Launchpad - version 420...
CVE-2023-42474
SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information...
CVE-2023-42474 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Web Intelligence
SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information...
CVE-2023-42474 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Web Intelligence
SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information...
SAP Business Objects Web Intelligence 跨站脚本漏洞
SAP Business Objects Web Intelligence is a centralized suite from SAP, Germany. It is used for data reporting, visualization, and sharing. A cross-site scripting vulnerability exists in SAP Business Objects Web Intelligence version 420, which stems from the lack of effective filtering and escapin...
PT-2023-5867 · Sap · Sap Businessobjects Business Intelligence
Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Web Intelligence version 420 Description: The issue is related to the failure to protect the web page structure, which could allow a remote attacker to gain unauthorized access to protected information by opening a special...
SAP BusinessObjects Business Intelligence Platform Code Issue Vulnerability
SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...
SAP BusinessObjects Business Intelligence Platform Information Disclosure Vulnerability
SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...
Design/Logic Flaw
In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to...
CVE-2023-39440 Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform
In SAP BusinessObjects Business Intelligence - version 420, If a user logs in to a particular program, under certain specific conditions memory might not be cleared up properly, due to which attacker might be able to get access to user credentials. For a successful attack, the attacker needs to...
PT-2023-4097 · Sap · Sap Businessobjects Business Intelligence Platform
Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform versions 420, 430 Description: The issue allows an unauthorized attacker who has hijacked a user session to bypass the victim's old password via brute force due to an unrestricted rate limit...
CVE-2023-31404 Information Disclosure in SAP BusinessObjects Business Intelligence Platform (Central Management Service)
Under certain conditions, SAP BusinessObjects Business Intelligence Platform Central Management Service - versions 420, 430, allows an attacker to access information which would otherwise be restricted. Some users with specific privileges could have access to credentials of other users. It could...
SAP BusinessObjects Business Intelligence Platform 信息泄露漏洞
SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...
CVE-2023-27896
In SAP BusinessObjects Business Intelligence Platform - version 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own CMS, leading to a high impact on availability...
Code injection
In SAP BusinessObjects Business Intelligence Platform - version 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own CMS, leading to a high impact on availability...
CVE-2023-27896 Server Side Request Forgery (SSRF) in the SAP BusinessObjects Business Intelligence platform
In SAP BusinessObjects Business Intelligence Platform - version 420, 430, an attacker can control a malicious BOE server, forcing the application server to connect to its own CMS, leading to a high impact on availability...
CVE-2023-27896
CVE-2023-27896 affects SAP BusinessObjects BI Platform versions 420 and 430. The issue is a Server-Side Request Forgery (SSRF) where an attacker can control a malicious BOE server, causing the application server to connect to its own CMS. This leads to a high impact on availability. The descripti...
PT-2023-15952 · Sap · Sap Businessobjects Business Intelligence Platform
Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence platform versions 420, 430 Description: The issue allows an authenticated attacker to access sensitive information that is otherwise restricted, potentially having a high impact on confidentiality and...