Vulnerabilities > SAP > Business Intelligence Promotion Management Application > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-12 | CVE-2017-16681 | Cross-site Scripting vulnerability in SAP Business Intelligence Promotion Management Application 4.10/4.20/4.30 Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded. | 6.1 |