Vulnerabilities > SAP > Businessobjects > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-09 CVE-2023-28764 Insufficiently Protected Credentials vulnerability in SAP Businessobjects 4.20/4.30
SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive information as cleartext in the binaries over the network.
network
high complexity
sap CWE-522
5.9
2019-06-14 CVE-2019-0303 Cross-site Scripting vulnerability in SAP Businessobjects 4.2/4.3
SAP BusinessObjects Business Intelligence Platform (Administration Console), versions 4.2, 4.3, module BILogon/appService.jsp is reflecting requested parameter errMsg into response content without sanitation.
network
low complexity
sap CWE-79
6.1
2019-02-15 CVE-2019-0251 Cross-site Scripting vulnerability in SAP Businessobjects 4.2/4.3
The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
network
low complexity
sap CWE-79
6.1
2017-12-12 CVE-2017-16683 Unspecified vulnerability in SAP Businessobjects 4.10/4.20
Denial of Service (DOS) in SAP Business Objects Platform, Enterprise 4.10 and 4.20, that could allow an attacker to prevent legitimate users from accessing a service.
network
low complexity
sap
6.5