Gravité: : Critique
  Date du conseil: 21 juillet 2015

  Description

Multiple XSS vulnerabilities found in the module PerformanceManagement application SAP Crystal Report Server 2008. An attacker can intercept the cookie administrator or regular user of the system.

  Information Exposure Rating:

Apply associated Trend Micro DPI Rules.

  Solutions

  Trend Micro Deep Security DPI Rule Number: 1000552
  Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention

  Affected software and version:

  • SAP Crystal Reports Multiple Cross-Site Scripting Vulnerabilities