What is CVE-2025-0060?

CVE-2025-0060 is a medium-severity vulnerability in Sap_se Sap Businessobjects Business Intelligence Platform, classified under Code Injection. CVSS score: 6.5/10. Published 2025-01-14.

How severe is CVE-2025-0060?

Medium severity. CVSS v3 base score is 6.5 out of 10.

RCE in Sap_se Sap Businessobjects Business Intelligence Platform

CVE-2025-0060

SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted access to inject malicious JS code which can read sensitive information from the server and send it to the attacker. The attacker could further…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.001 (28.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N.

Affected products

Sap_se Sap Businessobjects Business Intelligence Platform — versions ENTERPRISE 420, 430, 2025

Weakness classification (CWE)

CWE-94 — Code Injection

References

Frequently asked questions

What is CVE-2025-0060?: CVE-2025-0060 is a medium-severity vulnerability in Sap_se Sap Businessobjects Business Intelligence Platform, classified under Code Injection. CVSS score: 6.5/10. Published 2025-01-14.
How severe is CVE-2025-0060?: Medium severity. CVSS v3 base score is 6.5 out of 10.