SAP Crystal Reports Multiple Cross-Site Scripting Vulnerabilities
Severity: CRITICAL
Advisory Date: JUL 21, 2015
DESCRIPTION
Multiple XSS vulnerabilities found in the module PerformanceManagement application SAP Crystal Report Server 2008. An attacker can intercept the cookie administrator or regular user of the system.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention
AFFECTED SOFTWARE AND VERSION
- SAP Crystal Reports Multiple Cross-Site Scripting Vulnerabilities