Description
SAP BusinessObjects Business Intelligence Platform (CMC Module), versions 4.10, 4.20 and 4.30, does not sufficiently validate an XML document accepted from an untrusted source.
Scores
CVSS v3
8.1
EPSS
0.0071
EPSS Percentile
72.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-91
Status
published
Products (3)
sap/businessobjects_business_intelligence
4.1
sap/businessobjects_business_intelligence
4.2
sap/businessobjects_business_intelligence
4.3
Published
Mar 12, 2019
Tracked Since
Feb 18, 2026