Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-30741
Due to insufficient input validation, SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthenticated malicious user to redirect users to untrusted site using a malicious link. On successful exploitation, an attacker can view or modify informatio...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
6.1
CVSSv3
CVE-2023-31406
Due to insufficient input validation, SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthenticated malicious user to redirect users to untrusted site using a malicious link. On successful exploitation, an attacker can view or modify informatio...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
6.1
CVSSv3
CVE-2023-0018
Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platform CMC application - versions 420, and 430, an attacker with basic user-level privileges can modify/upload crystal reports containing a malicious payload. Once these rep...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
6.1
CVSSv3
CVE-2022-39800
SAP BusinessObjects BI LaunchPad - versions 420, 430, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the network. On successful exploitation, an attacker can view or modify information ...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
6.1
CVSSv3
CVE-2022-28216
SAP BusinessObjects Business Intelligence Platform (BI Workspace) - version 420, is susceptible to a Cross-Site Scripting attack by an unauthenticated attacker due to improper sanitization of the user inputs on the network. On successful exploitation, an attacker can access certa...
Sap Businessobjects Business Intelligence Platform 420
6.1
CVSSv3
CVE-2021-33697
Under certain conditions, SAP BusinessObjects Business Intelligence Platform (SAPUI5), versions - 420, 430, can allow an unauthenticated malicious user to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities.
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 430
6.1
CVSSv3
CVE-2021-21444
SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking ...
Sap Businessobjects Business Intelligence 420
Sap Businessobjects Business Intelligence 410
Sap Businessobjects Business Intelligence 430
6.1
CVSSv3
CVE-2020-6276
SAP Business Objects Business Intelligence Platform (bipodata), version 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability.
Sap Businessobjects Business Intelligence Platform 4.2
1 Article
6.1
CVSSv3
CVE-2020-6281
SAP Business Objects Business Intelligence Platform (BI Launchpad), version 4.2, does not sufficiently encode user-controlled inputs, resulting reflected in Cross-Site Scripting.
Sap Businessobjects Business Intelligence Platform 4.2
1 Article
6.1
CVSSv3
CVE-2020-6211
SAP Business Objects Business Intelligence Platform (AdminTools), versions 4.1, 4.2, allows an malicious user to redirect users to a malicious site due to insufficient URL validation and steal credentials of the victim, leading to URL Redirection vulnerability.
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »