Business intelligence and reporting tools
This hub aggregates every CVE we track for Business intelligence and reporting tools, a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
1
Critical
1
High
0
In CISA KEV
Severity distribution
HIGH1MEDIUM1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 3 most recently published vulnerabilities affecting Business intelligence and reporting tools.
- CVE-2023-0100In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter (e.g. __report=http://xy...8.8
- CVE-2021-34427In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running i...9.8
- CVE-2019-11776In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflected XSS in URL parameter. Attacker can execute the payload in victim's browser context.6.1
Product normalization is registry-driven with AI assist and human review. How it works