Primary

Context

SAP Business Warehouse XSS Vulnerability in Business Explorer Web

Vulnerability

A cross-site scripting (XSS) vulnerability has been identified in SAP Business Warehouse (Business Explorer Web). This issue allows an attacker to create a malicious link that, when clicked by an authenticated user, executes an injected script in the context of the user's browser. This vulnerability could potentially affect the confidentiality and integrity of user data.

Impact

Exploitation of this vulnerability could lead to cross-site scripting, allowing for the execution of malicious scripts in the context of the user's browser.

Remediation

Users are advised to review and implement the SAP Security Note associated with this vulnerability. This can be done through the SAP Security Patch Day, which occurs on the second Tuesday of each month. For more information, consult the SAP Security Notes FAQ.

Added: Jul 8, 2025, 1:53 AM

Updated: Jul 8, 2025, 1:53 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.7

exploitability

6.0

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

1.7

exploitability

6.0

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP Business Warehouse XSS Vulnerability in Business Explorer Web

Vulnerability

Impact

Remediation

Affected Products

SAP Business Warehouse

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating