CVE-2023-0018 — Cross-site Scripting in SAP Businessobjects Business Intelligence Platform
CWE-79 — Cross-site ScriptingCWE-476 — NULL Pointer DereferenceCWE-822 — Untrusted Pointer DereferenceCWE-269 — Improper Privilege ManagementCWE-367 — Time-of-check Time-of-use (TOCTOU) Race ConditionCWE-833 — DeadlockCWE-908 — Use of Uninitialized ResourceCWE-835 — Infinite LoopCWE-824 — Access of Uninitialized PointerCWE-787 — Out-of-bounds WriteCWE-78 — OS Command Injection25 documents7 sources
Severity
6.1MEDIUMNVD
CNA10.0CISA7.2
EPSS
1.0%
top 22.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 10
Latest updateDec 30
Description
Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platform CMC application - versions 420, and 430, an attacker with basic user-level privileges can modify/upload crystal reports containing a malicious payload. Once these reports are viewable, anyone who opens those reports would be susceptible to stored XSS attacks. As a result of the attack, information maintained in the victim's web browser can be read, modified, and sent to the attacker.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7
Affected Packages2 packages
🔴Vulnerability Details
6CVEList▶
Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform (Central management console)↗2023-01-10