CVE-2004-0534
Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document.
Date published : 2005-04-14
http://www.securityfocus.com/bid/11209
http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026550.html