Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2024-39591
- EPSS 0.2%
- Published 13.08.2024 05:15:13
- Last modified 12.09.2024 13:29:47
SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.
6.5
CVE-2024-34683
- EPSS 0.19%
- Published 11.06.2024 03:15:10
- Last modified 21.11.2024 09:19:11
An authenticated attacker can upload malicious file to SAP Document Builder service. When the victim accesses this file, the attacker is allowed to access, modify, or make the related information unavailable in the victim’s browser.
1