Описание
SAP BusinessObjects Business Intelligence (BI Workspace) allows an unauthenticated attacker to craft and store malicious script within a workspace. When the victim accesses the workspace, the script will execute in their browser enabling the attacker to potentially access sensitive session information, modify or make browser information unavailable. This leads to a high impact on confidentiality and low impact on integrity, availability.
Ссылки
- Permissions Required
- Patch
Уязвимые конфигурации
Одно из
EPSS
8.2 High
CVSS3
7.6 High
CVSS3
Дефекты
Связанные уязвимости
SAP BusinessObjects Business Intelligence (BI Workspace) allows an unauthenticated attacker to craft and store malicious script within a workspace. When the victim accesses the workspace, the script will execute in their browser enabling the attacker to potentially access sensitive session information, modify or make browser information unavailable. This leads to a high impact on confidentiality and low impact on integrity, availability.
Уязвимость компонента BI Workspace платформы бизнес-аналитики SAP BusinessObjects Business Intelligence, позволяющая нарушителю проводить межсайтовые сценарные атаки (XSS)
EPSS
8.2 High
CVSS3
7.6 High
CVSS3