SAP BusinessObjects Business Intelligence (BI Launchpad and Central Management Console) versions 4.10, 4.20 and 4.30 allow an attacker to include invalidated data in the HTTP response header sent to a Web user. Successful exploitation of this vulnerability may lead to advanced attacks, including: cross-site scripting and page hijacking.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2018-07-10T18:00:00

Updated: 2024-08-05T04:21:33.601Z

Reserved: 2017-12-15T00:00:00

Link: CVE-2018-2432

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-07-10T18:29:00.860

Modified: 2024-11-21T04:03:48.200

Link: CVE-2018-2432

cve-icon Redhat

No data.