Lucene search
China National Vulnerability DatabaseCNVD-2023-03048HistoryJan 12, 2023 - 12:00 a.m.
SAP BusinessObjects Business Intelligence Platform CMC application cross-site scripting vulnerability
2023-01-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
sap businessobjects
business intelligence
platform
cmc
cross-site scripting
vulnerability
data integration
data management
crystal reports
security advisories
system integration
EPSS
0.001
Percentile
33.3%
SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP Germany. The platform combines market-leading SAP data integration products, data management products, and business intelligence (BI) products to eliminate system integration challenges and enable fast and easy deployment of high-performance business analytics software. A cross-site scripting vulnerability exists in versions 420 and 430 due to improper input sanitization of user-controlled input, which can be exploited by an attacker with basic user-level privileges to modify/upload crystal reports containing malicious payloads.
Related
prion
prion
Cross site scripting
2023-01-10 04:15:00
nessus
nessus
SAP BusinessObjects Business Intelligence Platform XSS (3266006)
2023-01-23 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2023-0018
2023-01-10 04:15:09
cve
cve
CVE-2023-0018
2023-01-10 04:15:09