Severity: : Critical
  Advisory Date: 21 lipca 2015

  DESCRIPTION

Multiple XSS vulnerabilities found in the module PerformanceManagement application SAP Crystal Report Server 2008. An attacker can intercept the cookie administrator or regular user of the system.

  INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1000552
  Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention

  AFFECTED SOFTWARE AND VERSION:

  • SAP Crystal Reports Multiple Cross-Site Scripting Vulnerabilities