Vulnerabilities > SAP > Business Intelligence Promotion Management Application
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-12-12 | CVE-2017-16684 | Improper Authentication vulnerability in SAP Business Intelligence Promotion Management Application 4.10/4.20/4.30 SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity. | 9.8 |
2017-12-12 | CVE-2017-16681 | Cross-site Scripting vulnerability in SAP Business Intelligence Promotion Management Application 4.10/4.20/4.30 Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded. | 6.1 |