CVE-2022-41206

SAP BusinessObjects Business Intelligence platform (Analysis for OLAP) - versions 420, 430, allows an authenticated attacker to send user-controlled inputs when OLAP connections are created and edited in the Central Management Console. On successful exploitation, there could be a limited impact on confidentiality and integrity of the application.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:businessobjects_business_intelligence:420:*:*:*:*:*:*:*
cpe:2.3:a:sap:businessobjects_business_intelligence:430:*:*:*:*:*:*:*

History

12 Oct 2022, 20:28

Type Values Removed Values Added
New CVE

Information

Published : 2022-10-11 21:15

Updated : 2024-02-04 22:51


NVD link : CVE-2022-41206

Mitre link : CVE-2022-41206

CVE.ORG link : CVE-2022-41206


JSON object : View

Products Affected

sap

  • businessobjects_business_intelligence
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')