CVE-2019-0377

5.4MEDIUM

Key Information:

Summary

SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before versions 4.2, does not sufficiently encode user-controlled inputs and allows an attacker to store malicious scripts in the input controls, resulting in Stored Cross-Site Scripting.

Affected Version(s)

SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) < 4.2

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
πŸͺ This website uses cookies, like every other website on the internet πŸ˜• By using our website, you consent to the use of cookies.