Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow a malicious URL to inject content into the Pentaho User Console through session variables.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hitachi vantara pentaho business analytics server |
||
hitachi vantara pentaho business analytics server 9.4.0.0 |