Описание
Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
Ссылки
- Permissions Required
- PatchVendor Advisory
- Permissions Required
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:businessobjects_business_intelligence:420:*:*:*:*:*:*:*
cpe:2.3:a:sap:businessobjects_business_intelligence:430:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00238
Низкий
4.7 Medium
CVSS3
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-1022
CWE-269
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
EPSS
Процентиль: 47%
0.00238
Низкий
4.7 Medium
CVSS3
6.1 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-1022
CWE-269