Lucene search
K
SapBusinessobjects Bi Platform

4 matches found

CVE
CVE
added 2018/10/09 1:0 p.m.56 views

CVE-2018-2467

SAP BusinessObjects BI Platform Servers SDK (versions 4.1 and 4.2) is affected by an information-disclosure vulnerability where a specially crafted URL in a web browser can cause the server to return the path to the application server. The issue appears tied to the Software Development Kit compon...

5.3CVSS5.2AI score0.01372EPSS
CVE
CVE
added 2019/02/15 6:0 p.m.46 views

CVE-2019-0262

CVE-2019-0262 affects SAP WebIntelligence BILaunchPad (versions 4.10 and 4.20). The vulnerability is a Cross-Site Scripting (XSS) flaw caused by insufficient encoding of user-controlled inputs in generated HTML reports, enabling script execution in a victim’s browser. The available connected docu...

5.4CVSS5.3AI score0.00886EPSS
CVE
CVE
added 2018/10/09 1:0 p.m.44 views

CVE-2018-2472

CVE-2018-2472 affects SAP BusinessObjects BI Platform (4.10 and 4.20) via the Web Intelligence DHTML client. The underlying issue is improper encoding of user-controlled inputs, leading to a Cross-Site Scripting (XSS) vulnerability. Communicating documents confirm the affected product and the roo...

6.1CVSS6AI score0.01016EPSS
CVE
CVE
added 2018/11/13 8:0 p.m.40 views

CVE-2018-2479

SAP BusinessObjects BI Platform (BIWorkspace) versions 4.1 and 4.2 have a Cross-Site Scripting (XSS) vulnerability caused by insufficient encoding of user-controlled inputs in the web UI. Root cause: inadequate encoding/escaping before rendering user input. Impact: XSS is possible when interactin...

6.1CVSS5.9AI score0.01325EPSS