Medium severity6.1NVD Advisory· Published Aug 14, 2018· Updated Jun 17, 2026
CVE-2018-2444
CVE-2018-2444
Description
SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Affected products
210.0, 10.1+ 1 more
- (no CPE)range: 10.0, 10.1
- (no CPE)range: 10.0
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/105087nvdThird Party AdvisoryVDB Entry
- launchpad.support.sap.comnvdPermissions RequiredVendor Advisory
- wiki.scn.sap.com/wiki/pages/viewpage.actionnvdVendor Advisory
News mentions
0No linked articles in our index yet.