2 matches found
CVE-2019-0395
CVE-2019-0395 affects SAP BusinessObjects BI Platform (Fiori BI Launchpad) prior to 4.2. It enables a Stored Cross-Site Scripting (XSS) vulnerability by allowing JavaScript execution in a text module, due to insufficient sanitization/validation of client-side data in the web app. Impact: attacker...
CVE-2019-0382
CVE-2019-0382 affects SAP BusinessObjects Business Intelligence Platform, specifically the Web Intelligence publication-related pages. The vulnerability is a Cross-Site Scripting flaw caused by insufficient input sanitization, allowing an attacker with the required privileges to exploit it. Corre...