CVE-2010-3981

2010-10-1816:00:00

mitre

www.cve.org

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

58.8%

JSON

Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page.

References

osvdb.org/68680

spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf