Unrated severityNVD Advisory· Published Aug 14, 2019· Updated Aug 4, 2024
CVE-2019-0334
CVE-2019-0334
Description
When creating a module in SAP BusinessObjects Business Intelligence Platform (BI Workspace), versions 4.1, 4.2, 4.3, it is possible to store a malicious script which when executed later could potentially allow a user to escalate privileges via session hijacking. The attacker could also access other sensitive information, leading to Stored Cross Site Scripting.
Affected products
2- Range: 4.1, 4.2, 4.3
- SAP SE/SAP BusinessObjects Business Intelligence Platform (BI Workspace)v5Range: < 4.1
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.