CVE-2026-27683

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Business Intelligence (affected versions not specified)

Description An authenticated attacker can inject malicious JavaScript payloads through crafted URLs. When a victim accesses the URL, the script executes in the user's browser, which may expose restricted information. This is a stored cross-site scripting issue, where malicious scripts are permanently stored on the target server.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.