SAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting (XSS) vulnerability.
References
Link | Resource |
---|---|
https://launchpad.support.sap.com/#/notes/2742468 | Permissions Required Vendor Advisory |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2019-08-14T13:44:00
Updated: 2019-08-14T13:44:00
Reserved: 2018-11-26T00:00:00
Link: CVE-2019-0332
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-08-14T14:15:15.543
Modified: 2019-08-19T13:58:56.803
Link: CVE-2019-0332
JSON object: View
Redhat Information
No data.
CWE