WebIntelligence 2.7.1 uses guessable user session cookies, which allows remote malicious users to hijack sessions.
businessobjects webintelligence 2.7.1