Vulnerabilities (CVE)

Filtered by vendor Sap Subscribe
Filtered by product Document Builder
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-34683 1 Sap 1 Document Builder 2024-11-21 N/A 6.5 MEDIUM
An authenticated attacker can upload malicious file to SAP Document Builder service. When the victim accesses this file, the attacker is allowed to access, modify, or make the related information unavailable in the victim’s browser.
CVE-2024-39591 1 Sap 1 Document Builder 2024-09-12 N/A 5.3 MEDIUM
SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.