SAP BusinessObjects Content Administrator Workbench Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability has been identified in the SAP BusinessObjects Content Administrator Workbench. This issue arises from inadequate input sanitization, allowing attackers to create malicious URLs that execute scripts in the context of the victim's browser. The exploitation of this vulnerability could lead to the unauthorized exposure or alteration of web client data, with a low impact on confidentiality and integrity, and no effect on application availability.

Impact

Exploitation of this vulnerability could result in cross-site scripting, allowing for the execution of malicious scripts in the context of the user's browser.

Remediation

Users are advised to review and implement the SAP Security Note associated with this vulnerability. This can be done through the SAP Security Patch Day, which occurs on the second Tuesday of each month. For more information, consult the SAP Security Notes FAQ or access SAP Security Notes through the SAP for Me platform.