SAP Business Objects Business Intelligence Platform (Central Management Console), versions- 4.2, 4.3, allows an attacker with administrator rights can use the web application to send malicious code to a different end user (victim), as it does not sufficiently encode user-controlled inputs for RecycleBin, resulting in Stored Cross-Site Scripting (XSS) vulnerability.

Related CVEs

CVE-2020-6300

Key Information

GHSA ID

GHSA-pqrf-972g-jq2w

Published

May 24, 2022 5:25 PM

Last Modified

May 24, 2022 5:25 PM

CVSS Score

2.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 26, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.