Businessobjects Business Intelligence@430 Security Vulnerabilities and Issues — Businessobjects Business Intelligence@430 CVE List

Lucene search

SapBusinessobjects Business Intelligence430

3 matches found

CVE•added 2021/02/09 9:15 p.m.•49 views

CVE-2021-21444

SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking attack.

6.1CVSS6.1AI score0.00169EPSS

CVE•added 2021/09/15 7:15 p.m.•42 views

CVE-2021-33697

Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.

6.1CVSS6.3AI score0.00238EPSS

CVE•added 2021/09/15 7:15 p.m.•39 views

CVE-2021-33696

SAP BusinessObjects Business Intelligence Platform (Crystal Report), versions - 420, 430, does not sufficiently encode user controlled inputs and therefore an authorized attacker can exploit a XSS vulnerability, leading to non-permanently deface or modify displayed content from a Web site.

5.4CVSS5.2AI score0.00162EPSS