Lucene search
K
SapBusinessobjects Web Intelligence

5 matches found

CVE
CVE
added 2022/02/09 10:5 p.m.131 views

CVE-2022-22546

SAP Business Objects Web Intelligence (BI Launchpad) 420 is affected by CVE-2022-22546 due to improper HTML encoding in input control summary, enabling an authorized attacker to perform cross-site scripting (XSS). CVSSv3.1 base score 5.4 (MEDIUM). Exploitation details are not elaborated beyond th...

5.4CVSS5.2AI score0.00489EPSS
CVE
CVE
added 2021/07/14 11:3 a.m.50 views

CVE-2021-33667

CVE-2021-33667 affects SAP Business Objects Web Intelligence (BI Launchpad) versions 420 and 430. Affected component is the frontend Analytical Reporting bundle accessed via SDK calls, where an attacker could access JSP source code that would normally be restricted, resulting in information discl...

4.3CVSS4.6AI score0.00656EPSS
CVE
CVE
added 2023/10/10 1:36 a.m.44 views

CVE-2023-42474

Affected product and vulnerability. SAP BusinessObjects Web Intelligence 420 is affected by a cross-site scripting (XSS) vulnerability in a URL parameter, arising from insufficient filtering/escaping of user-supplied data. This could allow an attacker to exfiltrate or view sensitive information b...

6.8CVSS5.7AI score0.00328EPSS
CVE
CVE
added 2023/12/12 12:58 a.m.41 views

CVE-2023-42476

SAP Business Objects Web Intelligence 420 is affected by an authenticated JavaScript injection (XSS) vulnerability in Web Intelligence documents. The issue allows an attacker to inject code that runs in a user’s browser when the vulnerable page is visited, potentially exposing data from reporting...

6.8CVSS6.5AI score0.00573EPSS
CVE
CVE
added 2024/04/09 12:47 a.m.36 views

CVE-2024-25646

CVE-2024-25646 affects SAP BusinessObjects Business Intelligence Launch Pad. Due to improper validation, an authenticated attacker can access operating system information using a crafted document, with high confidentiality impact reported. Several sources (NVD, Red Hat, CNNVD, Nessus plugin 34213...

7.7CVSS7.3AI score0.0042EPSS