Vulnerability Details CVE-2025-25245
SAP BusinessObjects Business Intelligence Platform (Web Intelligence) contains a deprecated web application endpoint that is not properly secured. An attacker could take advantage of this by injecting a malicious url in the data returned to the user. On successful exploitation, there could be a limited impact on confidentiality and integrity within the scope of victim�s browser. There is no impact on availability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.5%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2025-25245
-
cpe:2.3:a:sap:businessobjects_business_intelligence_platform:2025
-
cpe:2.3:a:sap:businessobjects_business_intelligence_platform:430