XML External Entity (XXE) vulnerability in SAP BusinessObjects Explorer 14.0.5 build 882

XML External Entity (XXE) vulnerability in SAP BusinessObjects Explorer 14.0.5 build 882

CVE-2014-8316 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

XML External Entity (XXE) vulnerability in polestar_xml.jsp in SAP BusinessObjects Explorer 14.0.5 build 882 allows remote attackers to read arbitrary files via the xmlParameter parameter in an explorationSpaceUpdate request.

Learn more about our External Network Penetration Testing.