{"containers": {"cna": {"affected": [{"product": "SAP BusinessObjects Business Intelligence Platform (Info View)", "vendor": "SAP SE", "versions": [{"status": "affected", "version": "< 4.1"}, {"status": "affected", "version": "< 4.2"}, {"status": "affected", "version": "< 4.3"}]}], "descriptions": [{"lang": "en", "value": "SAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting (XSS) vulnerability."}], "problemTypes": [{"descriptions": [{"description": "Cross-Site Scripting", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-08-14T13:44:00.000Z", "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "shortName": "sap"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://launchpad.support.sap.com/#/notes/2742468"}, {"tags": ["x_refsource_MISC"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cna@sap.com", "ID": "CVE-2019-0332", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SAP BusinessObjects Business Intelligence Platform (Info View)", "version": {"version_data": [{"version_name": "<", "version_value": "4.1"}, {"version_name": "<", "version_value": "4.2"}, {"version_name": "<", "version_value": "4.3"}]}}]}, "vendor_name": "SAP SE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting (XSS) vulnerability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-Site Scripting"}]}]}, "references": {"reference_data": [{"name": "https://launchpad.support.sap.com/#/notes/2742468", "refsource": "MISC", "url": "https://launchpad.support.sap.com/#/notes/2742468"}, {"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017", "refsource": "MISC", "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:44:16.487Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://launchpad.support.sap.com/#/notes/2742468"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"}]}]}, "cveMetadata": {"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd", "assignerShortName": "sap", "cveId": "CVE-2019-0332", "datePublished": "2019-08-14T13:44:00.000Z", "dateReserved": "2018-11-26T00:00:00.000Z", "dateUpdated": "2024-08-04T17:44:16.487Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sap:businessobjects_business_intelligence:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "321A6FA2-0182-4C03-B367-80D2CE064493", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:businessobjects_business_intelligence:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "FAD665A3-D351-4BDE-819F-C296F484F926", "vulnerable": true}, {"criteria": "cpe:2.3:a:sap:businessobjects_business_intelligence:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "332B91C8-BE8B-4D64-AE82-04FAA946CE83", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SAP BusinessObjects Business Intelligence Platform (Info View), versions 4.1, 4.2, 4.3, allows an attacker to give some payload for keyword in the search and it will be executed while search performs its action, resulting in Cross-Site Scripting (XSS) vulnerability."}, {"lang": "es", "value": "SAP BusinessObjects Business Intelligence Platform (Info View), versiones 4.1, 4.2, 4.3, permite a un atacante entregar alguna carga \u00fatil para la palabra clave en la b\u00fasqueda y ser\u00e1 ejecutada mientras la b\u00fasqueda realiza su acci\u00f3n, lo que resulta en una vulnerabilidad de tipo cross-site scripting (XSS)."}], "id": "CVE-2019-0332", "lastModified": "2024-11-21T04:16:41.910", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-14T14:15:15.543", "references": [{"source": "cna@sap.com", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/2742468"}, {"source": "cna@sap.com", "tags": ["Vendor Advisory"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Vendor Advisory"], "url": "https://launchpad.support.sap.com/#/notes/2742468"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"}], "sourceIdentifier": "cna@sap.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}