The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified.
References
Link | Resource |
---|---|
https://launchpad.support.sap.com/#/notes/3112928 | Permissions Required |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=596902035 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2022-01-14T19:11:28
Updated: 2023-07-10T18:07:38.847Z
Reserved: 2022-01-04T00:00:00
Link: CVE-2022-22531
JSON object: View
NVD Information
Status : Modified
Published: 2022-01-14T20:15:15.880
Modified: 2023-07-10T19:15:09.557
Link: CVE-2022-22531
JSON object: View
Redhat Information
No data.
CWE