VYPR
Unrated severityNVD Advisory· Published Jun 13, 2023· Updated Jan 3, 2025

Cross-Site Scripting (XSS) vulnerability in NetWeaver (Design Time Repository)

CVE-2023-33984

Description

SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.