CVE-2019-0262

SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting (XSS) vulnerability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt