CVE-2017-16681

MEDIUM

6.1

CVSS Severity Score

EPSS Score0.1280%

EPSS Percentile32.50th

PublishedDec 12, 2017

Last ModifiedMay 13, 2026

Vulnerability Description

Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded.

Affected Platforms (CPE)

📦

Sap

Business Intelligence Promotion Management Application

= 4.10

📦

Sap

Business Intelligence Promotion Management Application

= 4.20

📦

Sap

Business Intelligence Promotion Management Application

= 4.30

References & Advisories

🔗 http://www.securityfocus.com/bid/102142

🔗 https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/

🔗 https://launchpad.support.sap.com/#/notes/2523913

🔗 http://www.securityfocus.com/bid/102142

🔗 https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/

🔗 https://launchpad.support.sap.com/#/notes/2523913

Vulnerability Description

Affected Platforms (CPE)

Business Intelligence Promotion Management Application

Business Intelligence Promotion Management Application

Business Intelligence Promotion Management Application

References & Advisories

Related Vulnerabilities