VULHUB ™

Business Objects Crystal Enterprise is prone to a cross-site scripting vulnerability. An attacker could exploit this issue by enticing a user to following a malicious link to a Report (RPT) file. Malicious script embedded in the link could access properties of the vulnerable Crystal Enterprise site, allowing for various attacks such as theft of cookie-based authentication credentials.

Business Objects Crystal Enterprise is prone to a cross-site scripting vulnerability. An attacker could exploit this issue by enticing a user to following a malicious link to a Report (RPT) file. Malicious script embedded in the link could access properties of the vulnerable Crystal Enterprise site, allowing for various attacks such as theft of cookie-based authentication credentials.