CVE-2020-6276

6.1MEDIUM

Key Information:

Vendor
SAP
Status
SAP Business Objects Business Intelligence Platform (bipodata)
Vendor
CVE Published:
14 July 2020

Summary

SAP Business Objects Business Intelligence Platform (bipodata), version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability.

Affected Version(s)

SAP Business Objects Business Intelligence Platform (bipodata) < 4.2

References

https://launchpad.support.sap.com/#/notes/2849967
x_refsource_MISC
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...
x_refsource_MISC

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.