CVE-2018-2472

SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 Web Intelligence DHTML client does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...