CVE-2018-2431
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, does not sufficiently encode user controlled in
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
MEDIUM · CVSS 6.1
EPSS 0.00418
Monitor
- No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence
Sigma rules0
YARA rules0