
Robertdra

#43427 of 53,624
6.1 Total CVSS
Vulnerabilities · 1
PT-2022-17178
6.1
2022-02-19
SAS · SAS Web Report Studio · CVE-2022-25256
**Name of the Vulnerable Software and Affected Versions**

SAS Web Report Studio version 4.4

**Description**

SAS Web Report Studio allows cross-site scripting (XSS). The `/SASWebReportStudio/logonAndRender.do` endpoint accepts two parameters, `saspfs_request_backlabel_list` and `saspfs_request_backurl_list`. The `saspfs_request_backlabel_list` value sets the caption of a button; the `saspfs_request_backurl_list` value sets the page the user is sent to when that button is pressed, so an attacker-supplied value turns the endpoint into an open redirect to a malicious site. The URL scheme of `saspfs_request_backurl_list` is not validated, so a `javascript:` URL supplied there is executed in the application's origin when the button is pressed, which is the XSS. Both values come from the request URL, so the payload is delivered as a crafted link and runs once the victim presses the button.

**Recommendations**

For SAS Web Report Studio version 4.4, consider disabling the `/SASWebReportStudio/logonAndRender.do` endpoint, or restricting access to the `saspfs_request_backlabel_list` and `saspfs_request_backurl_list` parameters, until a patch is available. If the endpoint must stay reachable, reject at a reverse proxy or filter any request whose `saspfs_request_backurl_list` value is not a site-relative path or an `http(s)` URL to an allowlisted host, and avoid using the `saspfs_request_backurl_list` parameter at all until the issue is resolved. At the moment there is no information about a newer version that contains a fix for this vulnerability.
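Restricting the parameter at a proxy or filter only helps if the check rejects every form a browser would still treat as a script URL or an off-site redirect. The following Python, added here as an example and not SAS code, shows such an allowlist check for `saspfs_request_backurl_list` together with HTML escaping of `saspfs_request_backlabel_list`. The endpoint and parameter names come from the advisory; `ALLOWED_HOSTS`, `is_safe_back_url`, `check_request` and the sample query strings are assumptions constructed for the example.

```python
"""Allowlist check for the logonAndRender.do back-URL parameter.

Added example; not SAS code. It assumes the check can run in a reverse proxy
or servlet filter in front of SAS Web Report Studio, before the application
sees the request. Parameter names follow the advisory; ALLOWED_HOSTS and the
sample query strings are constructed for the example.
"""
import html
from urllib.parse import parse_qs, urlsplit

ENDPOINT = "/SASWebReportStudio/logonAndRender.do"
BACKLABEL_PARAM = "saspfs_request_backlabel_list"
BACKURL_PARAM = "saspfs_request_backurl_list"
ALLOWED_HOSTS = {"reports.example.internal"}  # assumption: the app's own host(s)


def is_safe_back_url(url: str) -> bool:
    """Accept only a site-relative path or an http(s) URL to an allowlisted host.

    javascript:, data:, vbscript:, file: and protocol-relative (//host)
    targets are all rejected.
    """
    if not url:
        return False
    # Browsers drop ASCII control characters and whitespace before reading the
    # scheme, so "\tjavascript:..." or "java\nscript:..." still executes.
    # Strip them first so the scheme check sees what the browser will see.
    cleaned = "".join(ch for ch in url if ord(ch) > 0x20)
    try:
        parts = urlsplit(cleaned)
    except ValueError:  # e.g. an unbalanced IPv6 bracket; not something to forward
        return False
    scheme = parts.scheme.lower()
    if scheme in ("http", "https"):
        # '@' and '\' in the authority are where Python's parser and a browser's
        # disagree (https://trusted@evil.example/, https://evil.example\@trusted/);
        # refuse them instead of guessing which host the browser will pick.
        if "@" in parts.netloc or "\\" in parts.netloc:
            return False
        return parts.hostname in ALLOWED_HOSTS
    if scheme:
        return False  # javascript:, data:, vbscript:, file:, ...
    # No scheme: allow "/path" only; "//host" and "/\host" are absolute in browsers.
    return cleaned.startswith("/") and not cleaned.startswith(("//", "/\\"))


def check_request(query_string: str) -> dict:
    """Decide one logonAndRender.do query string.

    Returns the verdict plus the HTML-escaped button caption that may be
    rendered if the request is allowed.
    """
    params = parse_qs(query_string, keep_blank_values=True)
    for value in params.get(BACKURL_PARAM, []):
        if not is_safe_back_url(value):
            return {"allowed": False,
                    "reason": f"{BACKURL_PARAM} rejected: {value!r}",
                    "label_html": ""}
    labels = params.get(BACKLABEL_PARAM, [""])
    # The caption lands inside HTML, so it is entity-escaped, never inserted raw.
    return {"allowed": True, "reason": "ok",
            "label_html": html.escape(labels[0], quote=True)}


# Constructed sample query strings (not captured traffic).
SAMPLE_REQUESTS = [
    # benign: return to the report list after logon
    "saspfs_request_backlabel_list=Back+to+reports"
    "&saspfs_request_backurl_list=%2FSASWebReportStudio%2Fmain.do",
    # the attack described in the advisory: a javascript: URL as the back target
    "saspfs_request_backlabel_list=Continue"
    "&saspfs_request_backurl_list=javascript%3Aalert(document.domain)",
    # open redirect to an attacker-controlled host
    "saspfs_request_backlabel_list=Continue"
    "&saspfs_request_backurl_list=https%3A%2F%2Fevil.example%2Fphish",
    # tab before the scheme: browsers ignore it, a naive startswith() check does not
    "saspfs_request_backlabel_list=Continue"
    "&saspfs_request_backurl_list=%09javascript%3Aalert(1)",
    # caption carrying markup: must be escaped, not rendered
    "saspfs_request_backlabel_list=%3Cimg+src%3Dx+onerror%3Dalert(1)%3E"
    "&saspfs_request_backurl_list=%2FSASWebReportStudio%2Fmain.do",
]


def main() -> None:
    for qs in SAMPLE_REQUESTS:
        verdict = check_request(qs)
        status = "ALLOW" if verdict["allowed"] else "BLOCK"
        print(f"{status:5} {ENDPOINT}?{qs}\n      {verdict['reason']}")


if __name__ == "__main__":
    main()
```

The check deliberately does not try to be clever about authority parsing: any `@` or backslash in the host part is refused outright, because that is exactly where a server-side parser and the victim's browser can disagree about which host a URL points to. Replace `reports.example.internal` with the real Web Report Studio host(s) before use.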