SAP.Crystal.Reports.viewreport.asp.XSS
Description
This indicates an attack attempt against a Cross Site Scripting vulnerability in SAP Business Objects Crystal Reports.
The vulnerability is caused by improper validation of user supplied input. Remote attackers can exploit it to execute scripts in a victim's web browser.
Affected Products
Business Objects Crystal Reports XI Release 2 0
Business Objects Crystal Reports XI Professional 0
Business Objects Crystal Reports Server XI 0
Business Objects Crystal Reports for Visual Studio .NET 2005 10.2
Business Objects Crystal Reports for Visual Studio .NET 2003 0
Business Objects Crystal Reports for Visual Studio .NET 2002 0
Business Objects Crystal Reports 10.0
Business Objects Crystal Reports 9.0
Business Objects Crystal Reports 8.0
Business Objects Crystal Reports 7.0
Impact
Information Disclosure: Arbitrary Script Execution.
Recommended Actions
Currently we are not aware of any vendor supplied patches.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-02 | 16.972 |