Symptom
- SQL Query injection found in HTTP Request during security scanning using for example Burp Suite:
- The URL in question is /BOE/portal/<ID>/biprwsproxy/biprws/v1/cmsquery
Read more...
Environment
- SAP BusinessObjects Business Intelligence (BI) Platform 4.x
Product
SAP BusinessObjects Business Intelligence platform 4.2 ; SAP BusinessObjects Business Intelligence platform 4.3
Keywords
SQL, Query, execution, running, http response, http request, XSS, vulnerabilities , KBA , BI-BIP-SEC , Security Vulnerabilities in SAP BusinessObjects , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.