CVE

CVE-2019-0378

admin

CVE-2019-0378

SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before version 4.2, does not sufficiently encode user-controlled inputs and allows an attacker to store malicious scripts in the file name of the background image resulting in Stored Cross-Site Scripting.

Source: CVE-2019-0378

Exit mobile version