How severe is CVE-2024-28165?

CVE-2024-28165 has a CVSS v3 score of 8.1 (HIGH).

CVE-2024-28165

Name: businessobjects_business_intelligence_platform
Author: sap

8.1HIGH

SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS allowing an attacker to manipulate a parameter in the Opendocument URL which could lead to high impact on Confidentiali

Published: 5/14/2024Updated: 10/23/2025

Description

SAP Business Objects Business Intelligence Platform is vulnerable to stored XSS allowing an attacker to manipulate a parameter in the Opendocument URL which could lead to high impact on Confidentiality and Integrity of the application

AI AnalysisPowered by AI

Affected Products

sapbusinessobjects_business_intelligence_platform

430

sapbusinessobjects_business_intelligence_platform

440

References

https://me.sap.com/notes/3431794
Permissions Required
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html
Patch
https://me.sap.com/notes/3431794
Permissions Required
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html
Patch