CVE-2025-25245

SAP BusinessObjects Business Intelligence Platform (Web Intelligence) contains a deprecated web application endpoint that is not properly secured. An attacker could take advantage of this by injecting a malicious url in the data returned to the user. On successful exploitation, there could be a limited impact on confidentiality and integrity within the scope of victim?s browser. There is no impact on availability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt