Sap Businessobjects Web Intelligence — known CVE vulnerabilities
Every CVE whose affected-product data names Sap Businessobjects Web Intelligence, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-25646 — CVSS 7.7 (high): Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system…
CVE-2023-42474 — CVSS 6.8 (medium): SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could…
CVE-2023-42476 — CVSS 6.8 (medium): SAP Business Objects Web Intelligence - version 420, allows an authenticated attacker to inject JavaScript code into Web Intelligence…
CVE-2022-22546 — CVSS 5.4 (medium): Due to improper HTML encoding in input control summary, an authorized attacker can execute XSS vulnerability in SAP Business Objects Web…
CVE-2021-33667 — CVSS 4.3 (medium): Under certain conditions, SAP Business Objects Web Intelligence (BI Launchpad) versions - 420, 430, allows an attacker to access jsp source…