CVE-2019-0332

SAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting (XSS) vulnerability.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:businessobjects_business_intelligence:4.3:*:*:*:*:*:*:*
cpe:2.3:a:sap:businessobjects_business_intelligence:4.1:*:*:*:*:*:*:*
cpe:2.3:a:sap:businessobjects_business_intelligence:4.2:*:*:*:*:*:*:*

Information

Published : 2019-08-14 07:15

Updated : 2019-08-19 06:58


NVD link : CVE-2019-0332

Mitre link : CVE-2019-0332


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

sap

  • businessobjects_business_intelligence