{"vulnerability": "CVE-2025-0060", "sightings": [{"uuid": "34f9df35-6da0-475e-9376-48849295744b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0060", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfo3exus2y2j", "content": "", "creation_timestamp": "2025-01-14T01:18:16.240381Z"}, {"uuid": "6e392957-21c1-494d-90fe-c69bffa7b8a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0060", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113824713848736671", "content": "", "creation_timestamp": "2025-01-14T04:01:39.226583Z"}, {"uuid": "d2f39885-cf00-4818-b78b-ff3b10f326d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0060", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1493", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-0060\n\ud83d\udd39 Description: SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted access to inject malicious JS code which can read sensitive information from the server and send it to the attacker. The attacker could further use this information to impersonate as a high privileged user causing high impact on confidentiality and integrity of the application.\n\ud83d\udccf Published: 2025-01-14T00:09:14.051Z\n\ud83d\udccf Modified: 2025-01-14T14:59:23.756Z\n\ud83d\udd17 References:\n1. https://me.sap.com/notes/3474398\n2. https://url.sap/sapsecuritypatchday", "creation_timestamp": "2025-01-14T15:11:32.000000Z"}, {"uuid": "1d23d7ab-045a-4977-b610-275b7dc26a09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0060", "type": "seen", "source": "https://t.me/cvedetector/15220", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-0060 - SAP BusinessObjects Business Intelligence Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-0060 \nPublished : Jan. 14, 2025, 1:15 a.m. | 37\u00a0minutes ago \nDescription : SAP BusinessObjects Business Intelligence Platform allows an authenticated user with restricted access to inject malicious JS code which can read sensitive information from the server and send it to the attacker. The attacker could further use this information to impersonate as a high privileged user causing high impact on confidentiality and integrity of the application. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T03:07:24.000000Z"}]}