CVE-2025-24867 | SAP BusinessObjects Platform BI Launchpad unprotected cross site scripting

Inserito da Angelo Barbosa | Feb 11, 2025 | CVE

A vulnerability classified as problematic has been found in SAP BusinessObjects Platform. Affected is an unknown function of the component BI Launchpad. The manipulation of the argument unprotected leads to cross site scripting.

This vulnerability is traded as CVE-2025-24867. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2025-24867 | SAP BusinessObjects Platform BI Launchpad unprotected cross site scripting

Post correlati

CVE-2023-43303 | Craftbeer Bar Canvas mini-app on Line 13.6.1 Channel Access Token information disclosure

CVE-2024-5152 | ElementsReady Addons for Elementor Plugin up to 6.1.0 on WordPress cross site scripting

CVE-2024-12538 | binsaifullah Duplicate Post, Page and Any Custom Post plugin up to 3.5.3 on WordPress Password Protected Post dpp_duplicate_as_draft information disclosure

CVE-2024-55514 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 3.90 Web Interface /upload_sfmig.php form name unrestricted upload