CVE-2021-33697

Summary

Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP BusinessObjects Business Intelligence Platform (SAPUI5)< 420affected
SAP SESAP BusinessObjects Business Intelligence Platform (SAPUI5)< 430affected

Weaknesses

  • CWE-1022: CWE-1022: Use of Web Link to Untrusted Target (Reverse Tabnabbing)

ADP Enrichment

CVE Program Container

Additional References

References