CNNVD-202507-796 Information
CNNVD ID
CNNVD-202507-796
Related CVE
- CNNVD Published: 2025-07-08
Description (Chinese)
SAP BusinessObjects Business Intelligence Platform是德国思爱普(SAP)公司的一款完备的商务分析平台。该平台集市场领先的 SAP 数据整合产品、数据管理产品和商务智能 (BI) 产品于一身,可消除系统集成难题,快速、轻松地部署高性能的商务分析软件。 SAP BusinessObjects Business Intelligence Platform存在安全漏洞,该漏洞源于HTML注入,允许基本用户权限攻击者在特定输入字段注入恶意代码,可能导致重定向或应用程序行为操纵。
Description (English)
SAP BusinessObjects Business Information Platform is a well-developed business analysis platform of SAP. The platform brings together the market-leading SAP data integration products, data management products and business intelligence (BI) products, which remove system integration challenges and rapidly and easily deploy high-performance business analysis software. The SAP BusinessObjects Business Inteligence Platform has a security loophole, which originates from an HTML injection, allowing the basic user permission attacker to inject a malicious code into a given input field, which may lead to a reorientation or application manipulation.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
思爱普
Published
2025-07-08
Last Modified
2026-02-24
References
https://me.sap.com/notes/3573199 https://url.sap/sapsecuritypatchday
Patch
https://support.sap.com/en/my-support/knowledge-base/security-notes-news/july-2025.html
Share on: