XSS Vulnerability in SAP BusinessObjects Business Intelligence Platform (Crystal Report) Versions 420 and 430

XSS Vulnerability in SAP BusinessObjects Business Intelligence Platform (Crystal Report) Versions 420 and 430

CVE-2021-33696 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

SAP BusinessObjects Business Intelligence Platform (Crystal Report), versions - 420, 430, does not sufficiently encode user controlled inputs and therefore an authorized attacker can exploit a XSS vulnerability, leading to non-permanently deface or modify displayed content from a Web site.

Learn more about our Web App Pen Testing.