VYPR

My Travel Requests

by SAP

CVEs (1)

  • CVE-2024-32731MedMay 14, 2024
    risk 0.36cvss 5.5epss 0.00

    SAP My Travel Requests does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation, the attacker can upload a malicious attachment to a business trip request which will lead to a low impact on the…