Summary

XSS vulnerability in SAP Business Objects Web Intelligence (BI Launchpad) - version 420 allows remote attackers to execute arbitrary code via a crafted tag that is improperly encoded for injection. The following is an example of the XSS vulnerability in SAP Business Objects Web Intelligence (BI Launchpad) - version 420. In this example, |%20 has been encoded incorrectly and is displayed as an actual value in the JavaScript console. This allows an attacker to inject malicious code into the website and conduct XSS attacks.

|%20 var%20 _onload = function(evt) { if (evt.data instanceof XmlTransfer) evt.data.innerXml.say(); }; |

Vulnerability discovery and exploitation

There are many ways an attacker can use an XSS vulnerability to launch attacks. One is to inject malicious script into the website so that it runs in other users' browsers. Another is to use the injected script for a different purpose, such as reading a user's session cookie or modifying a form input field.
Vulnerability discovery and exploitation can be done in many ways:
- Manual testing of websites for vulnerabilities
- Scanning for vulnerabilities through tools like Nessus, OpenVAS, and Metasploit
- Building a custom scanner

Introduction to XSS

Cross-site scripting (XSS) is a type of computer security vulnerability that allows authorised users of a website to attack the website and its other users. If a web application includes user input in its client-side scripts, an attacker can insert malicious code into the application which will execute when another user visits the site. For example, if a web application includes any input from users in its HTML, such as "
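To make the "improperly encoded for injection" point from the summary and the introduction concrete, the following added example (not code from SAP or from this advisory) contrasts interpolating an untrusted value straight into a script with encoding it for the context it lands in. The URL-decoded payload fragment quoted above is used as the untrusted input; the function names and the hook variable are assumptions for illustration.

```javascript
// Added example: context-aware output encoding versus raw interpolation.
// The untrusted input is the (URL-decoded) fragment quoted in this advisory.
const untrusted = decodeURIComponent(
  "|%20 var%20 _onload = function(evt) { if (evt.data instanceof XmlTransfer) evt.data.innerXml.say(); }; |"
);

// Vulnerable pattern: the value is interpolated straight into a <script> body,
// so whatever the user supplied becomes part of the script the browser runs.
function renderUnsafe(value) {
  return "<script>var onloadHook = " + value + ";</script>";
}

// Encode for an HTML text/attribute context: the five characters HTML parsers
// treat specially are replaced with entities, so the value can never break out
// of the surrounding element.
function encodeForHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;",
  })[c]);
}

// Encode for a JavaScript string-literal context: every character outside a
// conservative allowlist becomes a \uXXXX escape, so the JS engine always reads
// the value as inert string data, never as code and never as "</script>".
function encodeForJsString(value) {
  return String(value).replace(/[^A-Za-z0-9 ]/g, (c) =>
    "\\u" + c.charCodeAt(0).toString(16).padStart(4, "0"));
}

// Hardened pattern: the untrusted value reaches the page only as data inside a
// quoted JS string, so the injected code is displayed, not executed.
function renderSafe(value) {
  return '<script>var onloadHook = "' + encodeForJsString(value) + '";</script>';
}

// A simple review check: the raw payload's code structure must not survive
// into the rendered markup.
function containsRawPayload(html) {
  return html.includes("function(evt)");
}
```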

Timeline

Published on: 02/09/2022 23:15:00 UTC
Last modified on: 08/24/2022 16:15:00 UTC

References