Vulnerability CVE-2023-42478


Published: 2023-12-12   Modified: 2023-12-14

Description:
SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS allowing an attacker to upload agnostic documents in the system which when opened by any other user could lead to high impact on integrity of the application.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Affected software
SAP -> Business objects business intelligence platform 

 References:
https://me.sap.com/notes/3382353
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Copyright 2024, cxsecurity.com

 

Back to Top