Описание
SAP BusinessObjects Business Intelligence Platform (Web Intelligence) contains a deprecated web application endpoint that is not properly secured. An attacker could take advantage of this by injecting a malicious url in the data returned to the user. On successful exploitation, there could be a limited impact on confidentiality and integrity within the scope of victim�s browser. There is no impact on availability.
Ссылки
- Permissions Required
- Patch
Уязвимые конфигурации
Одно из
EPSS
5.4 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
Связанные уязвимости
SAP BusinessObjects Business Intelligence Platform (Web Intelligence) contains a deprecated web application endpoint that is not properly secured. An attacker could take advantage of this by injecting a malicious url in the data returned to the user. On successful exploitation, there could be a limited impact on confidentiality and integrity within the scope of victim�s browser. There is no impact on availability.
Уязвимость компонента Web Intelligence платформы бизнес-аналитики SAP BusinessObjects Business Intelligence Platform, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
EPSS
5.4 Medium
CVSS3
6.1 Medium
CVSS3