Vulnerabilities > Businessobjects > Crystal Enterprise > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2742 | Cross-Site Scripting vulnerability in Businessobjects Crystal Enterprise 10/8.5/9 Cross-site scripting (XSS) vulnerability in the report viewer in Crystal Enterprise 8.5, 9, and 10 allows remote attackers to inject arbitrary web script or HTML via script in the URL to a report (RPT) file. | 4.3 |
| 2004-05-02 | CVE-2004-1981 | Denial-Of-Service vulnerability in Businessobjects Crystal Enterprise and Crystal Reports The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder. | 5.0 |