XML External Entity (XXE) vulnerability in polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 allows remote malicious users to read arbitrary files via the xmlParameter parameter in an explorationSpaceUpdate request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap businessobjects explorer 14.0.5 |