CVE-2019-0374

SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs and allows execution of scripts in the chart title resulting in reflected Cross-Site Scripting > MITRE Terms of Use apply – see LICENSE‑MITRE.txt