Intrusion PreventionSAP.Crystal.Reports.viewreport.asp.XSS
Description
This indicates an attack attempt against a Cross Site Scripting vulnerability in SAP Business Objects Crystal Reports.
The vulnerability is caused by improper validation of user supplied input. Remote attackers can exploit it to execute scripts in a victim's web browser.
Affected Products
Business Objects Crystal Reports XI Release 2 0
Business Objects Crystal Reports XI Professional 0
Business Objects Crystal Reports Server XI 0
Business Objects Crystal Reports for Visual Studio .NET 2005 10.2
Business Objects Crystal Reports for Visual Studio .NET 2003 0
Business Objects Crystal Reports for Visual Studio .NET 2002 0
Business Objects Crystal Reports 10.0
Business Objects Crystal Reports 9.0
Business Objects Crystal Reports 8.0
Business Objects Crystal Reports 7.0
Impact
Information Disclosure: Arbitrary Script Execution.
Recommended Actions
Currently we are not aware of any vendor supplied patches.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-12-02 | 16.972 |
| ID | 27242 |
| Created | Jul 07, 2011 |
| Updated | Nov 15, 2021 |
| Risk |
|
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | ASP_app |