Business Objects WebIntelligence Application Session Hijacking Vulnerability

Business Objects WebIntelligence Application Session Hijacking Vulnerability

It has been reported that WebIntelligence uses an insecure model for ensuring session security. The application uses web-type security features that may be prone to hijacking. This could allow a remote user to gain unauthorized access to another user's session, due to an insecure session management implementation.