Businessobjects Business Intelligence Platform Security Vulnerabilities and Issues — Businessobjects Business Intelligence Platform CVE List

Lucene search

SapBusinessobjects Business Intelligence Platform

3 matches found

CVE•added 2021/09/14 12:15 p.m.•40 views

CVE-2021-33679

The SAP BusinessObjects BI Platform version - 420 allows an attacker, who has basic access to the application, to inject a malicious script while creating a new module document, file, or folder. When another user visits that page, the stored malicious script will execute in their session, hence all...

5.4CVSS5.5AI score0.00162EPSS

CVE•added 2021/10/12 3:15 p.m.•40 views

CVE-2021-40500

SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated attacker to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can enable the attac...

7.5CVSS7.4AI score0.01212EPSS

CVE•added 2021/12/14 4:15 p.m.•38 views

CVE-2021-42061

SAP BusinessObjects Business Intelligence Platform (Web Intelligence) - version 420, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This allows a low privileged attacker to retrieve some data from the victim but will never be able to modi...

5.4CVSS5.1AI score0.0037EPSS