Vulnerabilities > SAP > Business Objects Business Intelligence Platform > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-06 CVE-2020-6220 Cross-site Scripting vulnerability in SAP Business Objects Business Intelligence Platform 4.1/4.2
BI Launchpad and CMC in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
network
high complexity
sap CWE-79
4.7
2022-03-10 CVE-2022-24398 Unspecified vulnerability in SAP Business Objects Business Intelligence Platform 420/430
Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access information which would otherwise be restricted.
network
low complexity
sap
6.5