XSS in Sap Businessobjects
CVE-2014-3134
Cross-site scripting (XSS) vulnerability in the InfoView application in SAP BusinessObjects allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.003 (56.2th percentile) — read the EPSS interpretation.
Affected products
- Sap Businessobjects
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM)
- 20140428 [Onapsis Security Advisory 2014-010] SAP BusinessObjects InfoView Reflected Cross Site Scripting (mailing-list, x_refsource_FULLDISC)
- cve@mitre.org (x_refsource_MISC)
- 67110 (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_CONFIRM)