CVE-2025-0062 – SAP BusinessObjects Business Intelligence Platform Cross-Site Scripting (XSS) Vulnerability

March 11, 2025
3:18 am

CVE ID : CVE-2025-0062

Published : March 11, 2025, 1:15 a.m. | 1 hour, 24 minutes ago

Description : SAP BusinessObjects Business Intelligence Platform allows an attacker to inject JavaScript code in Web Intelligence reports. This code is then executed in the victim’s browser each time the vulnerable page is visited by the victim. On successful exploitation, an attacker could cause limited impact on confidentiality and integrity within the scope of victim�s browser. There is no impact on availability. This vulnerability occurs only when script/html execution is enabled by the administrator in Central Management Console.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-0062 – SAP BusinessObjects Business Intelligence Platform Cross-Site Scripting (XSS) Vulnerability

Elvescore.io

Recent Posts

CVE-2025-27893 – Archer Platform Immutable Field Manipulation Information Disclosure

CVE-2024-52285 – SiPass MQTT Authentication Bypass Vulnerability

CVE-2024-56181 – Siemens SIMATIC EFI Variable Manipulation Vulnerability

CVE-2024-56182 – Siemens SIMATIC BIOS Password Bypass Vulnerability

CVE-2024-56336 – “Unsecured Bootloader Vulnerability in SINAMICS S200”

CVE-2025-23384 – Siemens OpenVPN Username Validation Vulnerability

CVE-2025-0062 – SAP BusinessObjects Business Intelligence Platform Cross-Site Scripting (XSS) Vulnerability

CVE-2025-0062 – SAP BusinessObjects Business Intelligence Platform Cross-Site Scripting (XSS) Vulnerability