CVE-2020-6223

Summary

The open document of SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to modify certain error pages to include malicious content. This can misdirect a user who is tricked into accessing these error pages rendered by the application, leading to Content Spoofing.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Business Objects Business Intelligence Platform< 4.1affected
SAP SESAP Business Objects Business Intelligence Platform< 4.2affected

Weaknesses

  • Content Spoofing

ADP Enrichment

CVE Program Container

Additional References

References