Sap: >> Document Builder Security Vulnerabilities
SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-08-13
An authenticated attacker can upload malicious
file to SAP Document Builder service. When the victim accesses this file, the
attacker is allowed to access, modify, or make the related information
unavailable in the victim’s browser.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-06-11