1446714 - Cross-site scripting vulnerability with Tomcat in BOE XI 3.1

Symptom

A cross-site scripting vulnerability is exposed when users create a subfolder in the Favorites folder and give it a name that is also a piece of JavaScript code.

Product

SAP BusinessObjects Enterprise XI 3.1

Keywords

ADAPT01286422, Fix Pack 2.5, Cross-site scripting , KBA , BI-BIP , Business intelligence platform , Bug Filed

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.