CVE-2020-6281: XSS
First published: Tue Jul 14 2020(Updated: )
SAP Business Objects Business Intelligence Platform (BI Launchpad), version 4.2, does not sufficiently encode user-controlled inputs, resulting reflected in Cross-Site Scripting.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sap Businessobjects Business Intelligence Platform | =4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this SAP Business Objects Business Intelligence Platform vulnerability?
The vulnerability ID is CVE-2020-6281.
What is the severity of CVE-2020-6281?
The severity of CVE-2020-6281 is medium with a CVSS score of 6.1.
How does CVE-2020-6281 affect SAP Business Objects Business Intelligence Platform?
CVE-2020-6281 affects SAP Business Objects Business Intelligence Platform version 4.2.
What is the impact of CVE-2020-6281?
CVE-2020-6281 allows for reflected Cross-Site Scripting (XSS) attacks.
How can I mitigate the vulnerability CVE-2020-6281 in SAP Business Objects Business Intelligence Platform?
To mitigate CVE-2020-6281, SAP provides security patches and recommends updating to the latest version of the platform. More details can be found in the SAP support notes.
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- vendor/sap
- canonical/sap businessobjects business intelligence platform
- version/sap businessobjects business intelligence platform/4.2