VYPR
Medium severity6.1NVD Advisory· Published Oct 9, 2018· Updated Jun 17, 2026

CVE-2018-2472

CVE-2018-2472

Description

SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web Intelligence DHTML client) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.