CVE-2020-6278
Description
SAP Business Objects Business Intelligence Platform (BI Launchpad and CMC), versions 4.1, 4.2, allows to an attacker to embed malicious scripts in the application while uploading images, which gets executed when the victim opens these files, leading to Stored Cross Site Scripting
Risk Information
Base Score
5.4
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.141
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in SAP Business Objects Business Intelligence Platform 4.1 | Windows |
| Multiple Vulnerabilities are affected in SAP Business Objects Business Intelligence Platform 4.2 | Windows |
| Multiple Vulnerabilities are affected in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) 4.1 | Windows |
| Multiple Vulnerabilities are affected in SAP BusinessObjects Business Intelligence Platform (Web Intelligence) 4.2 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234