CVE-2020-6278 is a vulnerability in SAP Businessobjects Business Intelligence Platform
Published on July 14, 2020

SAP Business Objects Business Intelligence Platform (BI Launchpad and CMC), versions 4.1, 4.2, allows to an attacker to embed malicious scripts in the application while uploading images, which gets executed when the victim opens these files, leading to Stored Cross Site Scripting

NVD

Products Associated with CVE-2020-6278

Want to know whenever a new CVE is published for SAP Businessobjects Business Intelligence Platform? stack.watch will email you.

SAP Businessobjects Business Intelligence Platform

Affected Versions

SAP SE SAP Business Objects Business Intelligence Platform (BI Launchpad and CMC):

Version < 4.1 is affected.
Version < 4.2 is affected.

Exploit Probability

EPSS

0.14%

Percentile

33.91%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-6278 is a vulnerability in SAP Businessobjects Business Intelligence PlatformPublished on July 14, 2020

Products Associated with CVE-2020-6278

Affected Versions

Exploit Probability

CVE-2020-6278 is a vulnerability in SAP Businessobjects Business Intelligence Platform
Published on July 14, 2020