CVE-2022-22546

Due to improper HTML encoding in input control summary, an authorized attacker can execute XSS vulnerability in SAP Business Objects Web Intelligence (BI Launchpad) – version 420.

Date published : 2022-02-09

https://launchpad.support.sap.com/#/notes/3126748

https://wiki.scn.sap.com/wiki/display/PSR/SAP+Security+Patch+Day+-+February+2022