CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
Description (NVD)
SAP BusinessObjects Business Intelligence (BI Workspace) allows an unauthenticated attacker to craft and store malicious script within a workspace. When the victim accesses the workspace, the script will execute in their browser enabling the attacker to potentially access sensitive session information, modify or make browser information unavailable. This leads to a high impact on confidentiality and low impact on integrity, availability.
Analysis (AI)
This is a stored cross-site scripting (XSS) vulnerability in SAP BusinessObjects BI Workspace that allows unauthenticated attackers to inject and persist malicious JavaScript code within workspaces. When authenticated users access a compromised workspace, the script executes in their browser context, potentially exposing sensitive session tokens, cookies, and user data. The vulnerability has a CVSS score of 8.2 (High) with significant confidentiality impact. KEV/EPSS data and active exploitation status are not provided in available intelligence. The attack requires user interaction and authentication context, which moderates real-world severity despite the high CVSS rating.
Technical Context (AI)
This vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation - 'Cross-site Scripting'), a fundamental web application flaw where user-supplied input is not properly sanitized or escaped before being rendered in an HTML/JavaScript context. SAP BusinessObjects BI Workspace, a business intelligence and analytics platform, fails to adequately validate and neutralize malicious script payloads when users create or modify workspace objects. Because the XSS is stored, the payload persists in the backend database and executes for every subsequent user who accesses the affected workspace, making it a persistent threat vector. The vulnerability likely exists in workspace creation/editing endpoints, dashboard components, or report configuration interfaces where user input flows directly into the DOM without proper Content Security Policy (CSP) enforcement or output encoding.
Remediation (AI)
1) IMMEDIATE: Isolate or restrict access to BI Workspace instances until patches are applied. Review recent workspace creation/modification logs to identify potentially malicious payloads.
2) PATCH: Apply SAP's official security patch for BusinessObjects BI Workspace addressing CVE-2025-23192 (patch details and version numbers available via SAP Security Patch Day advisories or direct vendor notification).
3) WORKAROUNDS (if patching is delayed): Implement Web Application Firewall (WAF) rules blocking common XSS payloads in workspace endpoints; deploy strict Content Security Policy headers to limit script execution scope; restrict workspace editing permissions to trusted administrators only; audit and sanitize existing workspace definitions for suspicious JavaScript.
4) POST-REMEDIATION: Enforce input validation and output encoding standards in custom BI extensions; implement automated security scanning for XSS in workspace configuration; conduct user awareness training on not executing workspace code from untrusted sources.

Contact SAP Support directly for patch download links and deployment guidance specific to your environment.
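The workaround of auditing existing workspace definitions for suspicious JavaScript can be scripted. The following is an added example, not SAP's code or code from this page: it assumes workspace definitions have been exported as nested JSON-like records (the field names and sample data are constructed, not the product's schema), flags string fields that carry active-content markers, and reports the HTML-escaped form that output encoding would render.

```python
import html
import re

# Markers of active content in a field that should hold plain text.
# Heuristic only: a hit means "review this field", not "confirmed malicious".
ACTIVE_CONTENT = {
    "script-tag": re.compile(r"<\s*script\b", re.I),
    "event-handler": re.compile(r"<[^>]*\bon[a-z]+\s*=", re.I),
    "javascript-url": re.compile(r"\bjavascript\s*:", re.I),
    "embedding-tag": re.compile(r"<\s*(iframe|object|embed)\b", re.I),
}

def walk(node, path=""):
    """Yield (path, string) for every string value in nested dicts/lists."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from walk(value, f"{path}/{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from walk(value, f"{path}[{index}]")
    elif isinstance(node, str):
        yield path, node

def audit(workspace):
    """Return one finding per string field that matches an active-content marker."""
    findings = []
    for path, text in walk(workspace):
        # Decode entities first so a payload stored entity-encoded is still flagged.
        decoded = html.unescape(text)
        hits = sorted(name for name, rx in ACTIVE_CONTENT.items() if rx.search(decoded))
        if hits:
            findings.append({"path": path, "markers": hits,
                             "encoded": html.escape(text, quote=True)})
    return findings

# Constructed sample export; the field names are assumptions, not SAP's schema.
SAMPLE = {
    "name": "Q3 Sales",
    "modules": [
        {"title": "Revenue by region", "link": "https://reports.example/q3"},
        {"title": "<img src=x onerror=alert(1)>", "link": "javascript:alert(1)"},
        {"title": "Margin &lt;script&gt;alert(1)&lt;/script&gt;"},
    ],
}

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f["path"], f["markers"], f["encoded"])
```

Pattern matching of this kind only prioritizes fields for manual review; it does not replace the vendor patch or output encoding at render time.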
EUVD-2025-17607