CVE-2023-31406

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Business Intelligence Platform versions 420, 430

Description The issue is caused by insufficient input validation, allowing an unauthenticated attacker to redirect users to an untrusted site using a malicious link. Successful exploitation can result in an attacker being able to view or modify information, causing a limited impact on the confidentiality and integrity of the application.

Recommendations For versions 420 and 430, update to a version that includes the necessary input validation fixes to prevent malicious link redirection. As a temporary workaround, consider restricting access to untrusted sites to minimize the risk of exploitation.