164 matches found
CVE-2024-37179 Insecure File Operations vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence)
SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine hosting the service, causing high impact on confidentiality of the application...
SAP BusinessObjects Business Intelligence Platform 代码问题漏洞
SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...
PT-2024-7172 · Sap · Sap Businessobjects Business Intelligence Platform
Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform affected versions not specified Description: The issue is related to a file download vulnerability in the SAP BusinessObjects Business Intelligence Platform, specifically in the Web...
The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence platform allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence platform is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...
CVE-2024-25646 Information Disclosure vulnerability in SAP BusinessObjects Web Intelligence
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitation there could be a considerable impact on confidentiality of the application...
WIC1200 Cross-Site Request Forgery Vulnerability
The Xantech WIC1200 is a Web Intelligence Controller from Xantech. A cross-site request forgery vulnerability exists in the Xantech WIC1200 version 1.1, which stems from the lack of a proper CSRF token implementation and can be exploited by an attacker to perform unwanted actions...
CVE-2023-42476
SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each time the vulnerable page is visited. Successful exploitation can lead to exposure of the data that th...
CVE-2023-42476
SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each time the vulnerable page is visited. Successful exploitation can lead to exposure of the data that th...
Code injection
SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each time the vulnerable page is visited. Successful exploitation can lead to exposure of the data that th...
CVE-2023-42476
SAP Business Objects Web Intelligence 420 is affected by an authenticated JavaScript injection (XSS) vulnerability in Web Intelligence documents. The issue allows an attacker to inject code that runs in a user’s browser when the vulnerable page is visited, potentially exposing data from reporting...
CVE-2023-42476 Cross Site Scripting vulnerability in SAP BusinessObjects Web Intelligence
SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each time the vulnerable page is visited. Successful exploitation can lead to exposure of the data that th...
PT-2023-28362 · Sap · Sap Business Objects Web Intelligence
Name of the Vulnerable Software and Affected Versions: SAP Business Objects Web Intelligence version 420 Description: The issue allows an authenticated attacker to inject JavaScript code into Web Intelligence documents, which is then executed in the victim's browser each time the vulnerable page ...
SAP Business Objects Web Intelligence Cross-Site Scripting Vulnerability
SAP Business Objects Web Intelligence is a centralized suite from SAP, Germany. It is used for data reporting, visualization, and sharing. A cross-site scripting vulnerability exists in SAP Business Objects Web Intelligence version 420, which stems from the lack of effective filtering and escapin...
The vulnerability of SAP BusinessObjects Web Intelligence, a web platform for analytics and reporting, relates to the lack of protective measures for the website structure. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the SAP BusinessObjects Web Intelligence web platform relates to the lack of security measures for the website structure. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information by clicking on a specially created malicious...
CVE-2023-42474
SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information...
Design/Logic Flaw
SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information...
CVE-2023-42474 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Web Intelligence
SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information...
CVE-2023-42474 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Web Intelligence
SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information...
CVE-2023-42474
Affected product and vulnerability. SAP BusinessObjects Web Intelligence 420 is affected by a cross-site scripting (XSS) vulnerability in a URL parameter, arising from insufficient filtering/escaping of user-supplied data. This could allow an attacker to exfiltrate or view sensitive information b...
SAP Business Objects Web Intelligence 跨站脚本漏洞
SAP Business Objects Web Intelligence is a centralized suite from SAP, Germany. It is used for data reporting, visualization, and sharing. A cross-site scripting vulnerability exists in SAP Business Objects Web Intelligence version 420, which stems from the lack of effective filtering and escapin...