Cross-Site Scripting Vulnerability in SAP BusinessObjects Business Intelligence Platform
CVE-2022-28216
6.1MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 12 April 2022
What is CVE-2022-28216?
SAP BusinessObjects Business Intelligence Platform (BI Workspace) version 420 has a vulnerability that allows unauthenticated attackers to exploit improper sanitization of user inputs, leading to potential Cross-Site Scripting (XSS) attacks. Successful exploitation may enable unauthorized access to certain reports, posing risks to the confidentiality of the application data. It is crucial for users and organizations relying on this platform to ensure they address this vulnerability to safeguard their data integrity.
Affected Version(s)
SAP BusinessObjects Business Intelligence Platform (BI Workspace) 420