漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
The SAP BusinessObjects BI Platform version - 420 allows an attacker, who has basic access to the application, to inject a malicious script while creating a new module document, file, or folder. When another user visits that page, the stored malicious script will execute in their session, hence allowing the attacker to compromise their confidentiality and integrity.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP BusinessObjects BI Platform 420 跨站脚本漏洞
Vulnerability Description
SAP BusinessObjects BI Platform是德国思爱普(SAP)公司的用于数据报告、可视化和共享的集中套件。 SAP BusinessObjects BI Platform 420版本存在安全漏洞,该漏洞允许具有应用程序基本访问权限的攻击者在创建新模块文档、文件或文件夹时注入恶意脚本。当另一个用户访问该页面时,存储的恶意脚本将在他们的会话中执行,从而允许攻击者破坏他们的机密性和完整性。
CVSS Information
N/A
Vulnerability Type
N/A