Unrated severityNVD Advisory· Published Feb 10, 2026· Updated Feb 10, 2026
Cross Site Scripting (XSS) vulnerability in SAP BusinessObjects Enterprise (Central Management Console)
CVE-2026-24325
Description
SAP BusinessObjects Enterprise does not sufficiently encode user-controlled inputs, leading to Stored Cross-Site Scripting (XSS) vulnerability. This enables an admin user to inject malicious JavaScript into a website and the injected script gets executed when the user visits the compromised page.This vulnerability has low impact on confidentiality and integrity of the data. There is no impact on the availability of the application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: ENTERPRISE 430
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.