Vulnerabilities > SAP > Businessobjects Financial Consolidation

DATE CVE VULNERABILITY TITLE RISK
2018-08-14 CVE-2018-2444 Cross-site Scripting vulnerability in SAP Businessobjects Financial Consolidation 10.0/10.1
SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
network
low complexity
sap CWE-79
6.1
2017-12-03 CVE-2017-14516 Cross-site Scripting vulnerability in SAP Businessobjects Financial Consolidation
Cross-Site Scripting (XSS) exists in SAP Business Objects Financial Consolidation before 2017-06-13, aka SAP Security Note 2422292.
network
low complexity
sap CWE-79
6.1
2017-03-16 CVE-2017-6061 Cross-site Scripting vulnerability in SAP Businessobjects Financial Consolidation 10.0.0.1933
Cross-site scripting (XSS) vulnerability in the help component of SAP BusinessObjects Financial Consolidation 10.0.0.1933 allows remote attackers to inject arbitrary web script or HTML via a GET request.
network
low complexity
sap CWE-79
4.7