SAP BusinessObjects URI Redirection and Cross Site Scripting Vulnerabilities
Gravedad: Medio
Fecha recomendada: 21 de julio de 2015
Descripción
SAP BusinessObjects is prone to multiple URI-redirection issues and multiple cross-site scripting issues because it fails to sufficiently sanitize user-supplied input.
Attackers can exploit these issues to execute arbitrary script or HTML code, steal cookie-based authentication credentials, and conduct phishing attacks. Other attacks may also be possible.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention
Software y versión afectados
- SAP