CVE-2026-24325

Name of the Vulnerable Software and Affected Versions SAP BusinessObjects Enterprise (affected versions not specified)

Description SAP BusinessObjects Enterprise is susceptible to a Stored Cross-Site Scripting (XSS) issue. Insufficient encoding of user-controlled inputs allows an administrator to inject malicious JavaScript into a website. When a user visits the compromised page, the injected script is executed. The issue has a low impact on data confidentiality and integrity, and does not affect application availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.