CVE-2026-0508

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Business Intelligence Platform (affected versions not specified)

Description An authenticated attacker with high privileges can insert a malicious URL within the application. Successful exploitation may result in an unvalidated redirect to an attacker-controlled domain, leading to the download of malicious content. This impacts the confidentiality and integrity of the application. The estimated number of potentially affected devices worldwide and details of real-world incidents are not available. The vulnerability involves the insertion of a malicious URL, potentially through a vulnerable parameter or function. The attacker exploits the application's functionality to redirect a victim to an external domain.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.