Arbitrary File Upload Vulnerability in SAP BusinessObjects (Visual Difference)

Arbitrary File Upload Vulnerability in SAP BusinessObjects (Visual Difference)

CVE-2019-0259 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) without proper file format validation.

Learn more about our Web Application Penetration Testing UK.