Unencoded User Inputs in SAP Business Intelligence Promotion Management Application: Cross-Site Scripting (XSS) Vulnerability

Unencoded User Inputs in SAP Business Intelligence Promotion Management Application: Cross-Site Scripting (XSS) Vulnerability

CVE-2017-16681 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded.

Learn more about our User Device Pen Test.