CVE-2020-6281

Name of the Vulnerable Software and Affected Versions SAP Business Objects Business Intelligence Platform (BI Launchpad) version 4.2

Description The issue is related to insufficient encoding of user-controlled inputs, resulting in reflected Cross-Site Scripting. This allows attackers to inject malicious scripts into the system.

Recommendations For SAP Business Objects Business Intelligence Platform (BI Launchpad) version 4.2, update to a version that properly encodes user-controlled inputs to prevent Cross-Site Scripting attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.