CVE-2020-6216

Name of the Vulnerable Software and Affected Versions SAP Business Objects Business Intelligence Platform (BI Launchpad) version 4.2

Description The issue is related to insufficient encoding of user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. This means that an attacker could potentially inject malicious scripts into the system, which would then be executed by the user's browser.

Recommendations For SAP Business Objects Business Intelligence Platform (BI Launchpad) version 4.2, consider implementing proper input validation and encoding to prevent XSS attacks. As a temporary workaround, restrict access to the BI Launchpad to minimize the risk of exploitation.