Unrated severityNVD Advisory· Published Sep 15, 2021· Updated Aug 3, 2024
CVE-2021-33694
CVE-2021-33694
Description
SAP Cloud Connector, version - 2.0, does not sufficiently encode user-controlled inputs, allowing an attacker with Administrator rights, to include malicious codes that get stored in the database, and when accessed, could be executed in the application, resulting in Stored Cross-Site Scripting.
Affected products
2- Range: =2.0
- SAP SE/SAP Cloud Connectorv5Range: < 2.0
Patches
Vulnerability mechanics
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.