Sap Se Sap Businessobjects Platform vulnerabilities

CVE-2025-24867 [MEDIUM] CWE-79 CVE-2025-24867: SAP BusinessObjects Platform (BI Launchpad) does not sufficiently handle user input, resulting in Cr SAP BusinessObjects Platform (BI Launchpad) does not sufficiently handle user input, resulting in Cross-Site Scripting (XSS) vulnerability. The application allows an unauthenticated attacker to craft a URL that embeds a malicious script within an unprotected parameter. When a victim clicks the link, the script will be executed in the browser, giving

CVE-2023-28764 [MEDIUM] CWE-522 CVE-2023-28764: SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive inform SAP BusinessObjects Platform - versions 420, 430, Information design tool transmits sensitive information as cleartext in the binaries over the network. This could allow an unauthenticated attacker with deep knowledge to gain sensitive information such as user credentials and domain names, which may have a low impact on confidentiality and no impact