SAP BusinessObjects Business Intelligence (BI Launchpad and Central Management Console) versions 4.10, 4.20 and 4.30 allow an attacker to include invalidated data in the HTTP response header sent to a Web user. Successful exploitation of this vulnerability may lead to advanced attacks, including: cross-site scripting and page hijacking.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2018-07-10T18:00:00
Updated: 2024-08-05T04:21:33.601Z
Reserved: 2017-12-15T00:00:00
Link: CVE-2018-2432
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-07-10T18:29:00.860
Modified: 2024-11-21T04:03:48.200
Link: CVE-2018-2432
Redhat
No data.