CVE-2019-0332
N/A
N/A
Summary
SAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting (XSS) vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP BusinessObjects Business Intelligence Platform (Info View) | < 4.1 | affected |
| SAP SE | SAP BusinessObjects Business Intelligence Platform (Info View) | < 4.2 | affected |
| SAP SE | SAP BusinessObjects Business Intelligence Platform (Info View) | < 4.3 | affected |
Weaknesses
- Cross-Site Scripting
ADP Enrichment
CVE Program Container
Additional References
- https://launchpad.support.sap.com/#/notes/2742468
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017
References
- https://launchpad.support.sap.com/#/notes/2742468
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.