mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
956 B
956 B
CVE-2019-0377
&color=blue)
Description
SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before versions 4.2, does not sufficiently encode user-controlled inputs and allows an attacker to store malicious scripts in the input controls, resulting in Stored Cross-Site Scripting.
POC
Reference
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050
Github
No PoCs found on GitHub currently.