Back to search
CVE-2018-2472
Published: Oct 9, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web Intelligence DHTML client) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
| Vendor | Product | Versions |
|---|---|---|
SAP | SAP BusinessObjects Business Intelligence Platform | affected 4.10affected 4.20 |
References
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095
x_refsource_CONFIRM
https://launchpad.support.sap.com/#/notes/2667103
x_refsource_MISC
105531
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now