medium2026-04-14SAP BusinessObjectsCVE-2026-27683

Reflected XSS vulnerability in SAP BusinessObjects BI Platform

SAP BusinessObjects Business Intelligence Platform

Our Take

Batch with the other BO notes this month.

Vulnerability Detail

A reflected cross-site scripting vulnerability in the BusinessObjects BI Platform that could allow script injection attacks against users.

Patch Action

Apply SAP Note 3698216.

Affected Versions

ENTERPRISE 430
2025
2027

Patch Info

Timing

🟡 Next patch window

CVSS Score

4.1

SAP Note

3698216

CVE

CVE-2026-27683

Published

2026-04-14

Timing recommendations are editorial. Verify against official SAP Security Notes before acting on production systems.
← All patches