CVE-2018-2444

Summary

SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Affected Software

VendorProductVersion RangeStatus
SAPSAP BusinessObjects Financial Consolidation10.0affected
SAPSAP BusinessObjects Financial Consolidation10.1affected

Weaknesses

  • Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References