CVE-2020-6220 is a vulnerability in SAP Business Objects Business Intelligence Platform
Published on June 6, 2022

BI Launchpad and CMC in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Exploit is possible only when the bttoken in victims session is active.

NVD

Products Associated with CVE-2020-6220

Want to know whenever a new CVE is published for SAP Business Objects Business Intelligence Platform? stack.watch will email you.

SAP Business Objects Business Intelligence Platform

Affected Versions

SAP SE SAP Business Objects Business Intelligence Platform:

Version 4.1 is affected.
Version 4.2 is affected.

Exploit Probability

EPSS

0.15%

Percentile

35.42%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-6220 is a vulnerability in SAP Business Objects Business Intelligence PlatformPublished on June 6, 2022

Products Associated with CVE-2020-6220

Affected Versions

Exploit Probability

CVE-2020-6220 is a vulnerability in SAP Business Objects Business Intelligence Platform
Published on June 6, 2022