CVE-2019-0262

SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting (XSS) vulnerability.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:businessobjects_bi_platform:4.20:*:*:*:*:*:*:*
cpe:2.3:a:sap:businessobjects_bi_platform:4.10:*:*:*:*:*:*:*

Information

Published : 2019-02-15 10:29

Updated : 2019-02-19 13:16


NVD link : CVE-2019-0262

Mitre link : CVE-2019-0262


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

sap

  • businessobjects_bi_platform