Lucene search
K

164 matches found

Cvelist
Cvelist
added 2024/10/08 3:21 a.m.21 views

CVE-2024-37179 Insecure File Operations vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence)

SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine hosting the service, causing high impact on confidentiality of the application...

7.7CVSS0.00428EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.4 views

SAP BusinessObjects Business Intelligence Platform 代码问题漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...

7.7CVSS6.8AI score0.00428EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/10/07 12:0 a.m.9 views

PT-2024-7172 · Sap · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform affected versions not specified Description: The issue is related to a file download vulnerability in the SAP BusinessObjects Business Intelligence Platform, specifically in the Web...

7.7CVSS6.7AI score0.00428EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 2024/04/22 12:0 a.m.5 views

The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence platform allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web Intelligence component of the SAP BusinessObjects Business Intelligence platform is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

7.7CVSS5.4AI score0.0042EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/09 12:47 a.m.12 views

CVE-2024-25646 Information Disclosure vulnerability in SAP BusinessObjects Web Intelligence

Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitation there could be a considerable impact on confidentiality of the application...

7.7CVSS7.3AI score0.0042EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.7 views

WIC1200 Cross-Site Request Forgery Vulnerability

The Xantech WIC1200 is a Web Intelligence Controller from Xantech. A cross-site request forgery vulnerability exists in the Xantech WIC1200 version 1.1, which stems from the lack of a proper CSRF token implementation and can be exploited by an attacker to perform unwanted actions...

8CVSS6.8AI score0.00187EPSS
Exploits0References2
OSV
OSV
added 2023/12/12 1:15 a.m.2 views

CVE-2023-42476

SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each time the vulnerable page is visited. Successful exploitation can lead to exposure of the data that th...

6.8CVSS6.7AI score0.00573EPSS
Exploits0References2
NVD
NVD
added 2023/12/12 1:15 a.m.27 views

CVE-2023-42476

SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each time the vulnerable page is visited. Successful exploitation can lead to exposure of the data that th...

6.8CVSS0.00573EPSS
Exploits0References2
Prion
Prion
added 2023/12/12 1:15 a.m.13 views

Code injection

SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each time the vulnerable page is visited. Successful exploitation can lead to exposure of the data that th...

3.5CVSS6.9AI score0.00573EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/12/12 12:58 a.m.40 views

CVE-2023-42476

SAP Business Objects Web Intelligence 420 is affected by an authenticated JavaScript injection (XSS) vulnerability in Web Intelligence documents. The issue allows an attacker to inject code that runs in a user’s browser when the vulnerable page is visited, potentially exposing data from reporting...

6.8CVSS6.5AI score0.00573EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/12 12:58 a.m.26 views

CVE-2023-42476 Cross Site Scripting vulnerability in SAP BusinessObjects Web Intelligence

SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence documents which is then executed in the victim’s browser each time the vulnerable page is visited. Successful exploitation can lead to exposure of the data that th...

6.8CVSS6.7AI score0.00573EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/11 12:0 a.m.5 views

PT-2023-28362 · Sap · Sap Business Objects Web Intelligence

Name of the Vulnerable Software and Affected Versions: SAP Business Objects Web Intelligence version 420 Description: The issue allows an authenticated attacker to inject JavaScript code into Web Intelligence documents, which is then executed in the victim's browser each time the vulnerable page ...

6.8CVSS6.7AI score0.00573EPSS
Exploits0References6
CNVD
CNVD
added 2023/10/13 12:0 a.m.6 views

SAP Business Objects Web Intelligence Cross-Site Scripting Vulnerability

SAP Business Objects Web Intelligence is a centralized suite from SAP, Germany. It is used for data reporting, visualization, and sharing. A cross-site scripting vulnerability exists in SAP Business Objects Web Intelligence version 420, which stems from the lack of effective filtering and escapin...

6.8CVSS6.3AI score0.00328EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/10/11 12:0 a.m.7 views

The vulnerability of SAP BusinessObjects Web Intelligence, a web platform for analytics and reporting, relates to the lack of protective measures for the website structure. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the SAP BusinessObjects Web Intelligence web platform relates to the lack of security measures for the website structure. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information by clicking on a specially created malicious...

6.8CVSS5.9AI score0.00328EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/10/10 2:15 a.m.4 views

CVE-2023-42474

SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information...

5.4CVSS5.8AI score0.00328EPSS
Exploits0References2
Prion
Prion
added 2023/10/10 2:15 a.m.20 views

Design/Logic Flaw

SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information...

4.9CVSS5.2AI score0.00328EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/10 1:36 a.m.32 views

CVE-2023-42474 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Web Intelligence

SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information...

6.8CVSS6.5AI score0.00328EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/10/10 1:36 a.m.19 views

CVE-2023-42474 Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Web Intelligence

SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information...

6.8CVSS6AI score0.00328EPSS
Exploits0References2
CVE
CVE
added 2023/10/10 1:36 a.m.44 views

CVE-2023-42474

Affected product and vulnerability. SAP BusinessObjects Web Intelligence 420 is affected by a cross-site scripting (XSS) vulnerability in a URL parameter, arising from insufficient filtering/escaping of user-supplied data. This could allow an attacker to exfiltrate or view sensitive information b...

6.8CVSS5.7AI score0.00328EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.4 views

SAP Business Objects Web Intelligence 跨站脚本漏洞

SAP Business Objects Web Intelligence is a centralized suite from SAP, Germany. It is used for data reporting, visualization, and sharing. A cross-site scripting vulnerability exists in SAP Business Objects Web Intelligence version 420, which stems from the lack of effective filtering and escapin...

6.8CVSS6AI score0.00328EPSS
Exploits0References4
Rows per page
Query Builder