CVE-2025-23192 – SAP BusinessObjects Business Intelligence BI Workspace Cross-Site Scripting (XSS)

June 9, 2025

CVE ID : CVE-2025-23192

Published : June 10, 2025, 1:15 a.m. | 23 minutes ago

Description : SAP BusinessObjects Business Intelligence (BI Workspace) allows an unauthenticated attacker to craft and store malicious script within a workspace. When the victim accesses the workspace, the script will execute in their browser enabling the attacker to potentially access sensitive session information, modify or make browser information unavailable. This leads to a high impact on confidentiality and low impact on integrity, availability.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-42982 – SAP GRC Authentication Bypass

Next Article CVE-2025-5905 – TOTOLINK T10 Buffer Overflow in POST Request Handler

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-23192 – SAP BusinessObjects Business Intelligence BI Workspace Cross-Site Scripting (XSS)

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Paragon Spyware used to Spy on European Journalists

JustDD is a USB Image Writer

Breaking Down Apple’s Liquid Glass: The Tech, The Hype, and The Reality

Distribution Release: Edubuntu 25.04

CVE-2025-20993 – Samsung Camera libsecimaging Camera Buffer Overflow

CVE-2025-28029 – TOTOLINK Buffer Overflow Vulnerability

MSI Claw owners need to grab this Intel Arc GPU driver update to fix an irritating audio bug on their Windows 11 handhelds

Create professional virtual property tours in minutes using AI technology. Perfect for real estate agents, featuring multilingual narration, custom branding, and automated video generation. Boost your property listings with engaging virtual tours. #proptech #realestateAI #virtualtours

CVE-2025-3471 – “SureForms WordPress Plugin Unauthenticated Configuration Update”

CVE-2025-23192 – SAP BusinessObjects Business Intelligence BI Workspace Cross-Site Scripting (XSS)

Related Posts