Known Vulnerabilities
CVE-2020-6257
SAP Business Objects Business Intelligence Platform (CMC and BI Launchpad) 4.2 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability.
MEDIUM
CVSS 5.4
Published May 12, 2020
CVE-2019-0346
Unencrypted communication error in SAP Business Objects Business Intelligence Platform (Central Management Console), version 4.2, leads to disclosure of list of user names and roles imported from SAP NetWeaver BI systems, resulting in Information Disclosure.
UNKNOWN
Published Aug 14, 2019