Cross-site scripting (XSS) vulnerability in the report viewer in Crystal Enterprise 8.5, 9, and 10 allows remote malicious users to inject arbitrary web script or HTML via script in the URL to a report (RPT) file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
businessobjects crystal enterprise 8.5 |
||
businessobjects crystal enterprise 10 |
||
businessobjects crystal enterprise 9 |