Unrated severityNVD Advisory· Published Nov 13, 2019· Updated Aug 4, 2024
CVE-2019-0396
CVE-2019-0396
Description
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), corrected in versions 4.1 and 4.2, does not sufficiently validate an XML document accepted from an untrusted source. An attacker can craft a message that contains malicious elements that will not be correctly filtered by Web Intelligence HTML interface in some specific workflows.
Affected products
2- Range: corrected in versions 4.1 and 4.2
- SAP SE/SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface)v5Range: < 4.1
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.