CVE-2010-3981: XSS
First published: Mon Oct 18 2010(Updated: )
Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to inject arbitrary web script or HTML via the ServiceClass field to the Edit Service Parameters page.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP BusinessObjects | =3.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-3981?
The severity of CVE-2010-3981 is classified as medium, indicating a moderate risk to affected systems.
How do I fix CVE-2010-3981?
To fix CVE-2010-3981, you should apply the latest security patches provided by SAP for BusinessObjects Enterprise XI 3.2.
What types of attacks are possible due to CVE-2010-3981?
CVE-2010-3981 could allow remote attackers to perform cross-site scripting (XSS) attacks by injecting malicious scripts.
Which versions of SAP BusinessObjects are affected by CVE-2010-3981?
CVE-2010-3981 specifically affects SAP BusinessObjects Enterprise XI version 3.2.
Can CVE-2010-3981 be exploited without user interaction?
Yes, CVE-2010-3981 can be exploited remotely without requiring any user interaction.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/sap
- canonical/sap businessobjects
- version/sap businessobjects/3.2