• info
• discussion
• exploit
• solution
• references

Business Objects Infoview 'cms' Parameter Cross-Site Scripting Vulnerability

Solution:
The vendor released FixPack 3.5 to address this issue. Please see the references for more information.


Business Objects BusinessObjects XI R2 SP3

• Cuyahoga BusinessObjects XI Release 2 - Service Pack 3 -Fix Pack 3.5
  ftp://ftp1.businessobjects.com/outgoing/CS/XIR2SP2FixPack35Win/FixPack 3.5FullWin.zip