SAP Knowledge Base Article - Preview

1717021 - Cross Site Scripting vulnerability - /PlatformServices/preferences.do URL

Symptom

  • By using an interception proxy (Burp Suite), it was possible to exploit each of these reflected cross-site scripting vulnerabilities.
  • The vulnerabilities were demonstrated by generating a pop-up window containing a number.
  • A pop-up was chosen because of its benign nature, rather than a more malicious exploitation of the vulnerability.
  • All vulnerabilities existed within POST requests, thus it was not possible to simply provide a URL as a Proof-of-Concept.
  • An interception proxy will be needed in order to replicate these findings.



Environment

SAP BusinessObjects XI 3.1

Product

SAP BusinessObjects Enterprise XI 3.1

Keywords

ADAPT 01468769 1468769 Business Objects Intelligence XSS Cross Site Scripting, KBA, BI-BIP-DEP, Webapp Deployment, Networking, Vulnerabilities, Webservices, Bug Filed

About this page

This is a preview of an SAP Knowledge Base Article. The full version is available on SAP for Me (login required).
