CVE-2011-4805

Currently unrated

Key Information:

Vendor
SAP
Status
Crystal Reports Server
Vendor
CVE Published:
14 December 2011

Summary

Cross-site scripting (XSS) vulnerability in pubDBLogon.jsp in SAP Crystal Report Server 2008 allows remote attackers to inject arbitrary web script or HTML via the service parameter.

References

http://www.securityfocus.com/archive/1/520560/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid...
x_refsource_CONFIRM
https://service.sap.com/sap/support/notes/1562292
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.