Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform
CVE-2023-30741
6.1MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 9 May 2023
What is CVE-2023-30741?
Due to insufficient input validation, SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthenticated attacker to redirect users to untrusted site using a malicious link. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.
Affected Version(s)
SAP BusinessObjects Business Intelligence Platform 420
SAP BusinessObjects Business Intelligence Platform 430