An issue exists in Hitachi Vantara Pentaho up to and including 9.1 and Pentaho Business Intelligence Server up to and including 7.x. A reports (.prpt) file allows the inclusion of BeanShell scripts to ease the production of complex reports. An authenticated user can run arbitrary code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hitachi vantara pentaho |
||
hitachi vantara pentaho business intelligence server |