Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP BusinessObjects Business Intelligence 跨站请求伪造漏洞
Vulnerability Description
SAP BusinessObjects Business Intelligence是德国思爱普(SAP)公司的一套商务智能软件和企业绩效解决方案套件。该产品具有报告生成、分析、数据可视化等功能。 SAP BusinessObjects Business Intelligence 4.0版本、4.1版本和4.2版本中存在跨站请求伪造漏洞,该漏洞源于在浏览Web Intelligence报告时,被HTTP分析工具捕获的用户会话详情可以被用在HTML页面,然而用户会话依旧有效。远程攻击者可利用该漏洞执行未授权的
CVSS Information
N/A
Vulnerability Type
N/A