CVE-2021-33696

Summary

SAP BusinessObjects Business Intelligence Platform (Crystal Report), versions - 420, 430, does not sufficiently encode user controlled inputs and therefore an authorized attacker can exploit a XSS vulnerability, leading to non-permanently deface or modify displayed content from a Web site.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP BusinessObjects Business Intelligence Platform (Crystal Report)< 420affected
SAP SESAP BusinessObjects Business Intelligence Platform (Crystal Report)< 430affected

Weaknesses

  • Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References