VYPR

Document Builder

by SAP

CVEs (2)

  • CVE-2024-39591Aug 13, 2024
    risk 0.00cvss epss 0.00

    SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.

  • CVE-2024-34683Jun 11, 2024
    risk 0.00cvss epss 0.00

    An authenticated attacker can upload malicious file to SAP Document Builder service. When the victim accesses this file, the attacker is allowed to access, modify, or make the related information unavailable in the victim’s browser.