CVE-2021-33666
published 2021-06-09CVE-2021-33666: When SAP Commerce Cloud version 100, hosts a JavaScript storefront, it is vulnerable to MIME sniffing, which, in certain circumstances, could be used to…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
When SAP Commerce Cloud version 100, hosts a JavaScript storefront, it is vulnerable to MIME sniffing, which, in certain circumstances, could be used to facilitate an XSS attack or malware proliferation.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | commerce_cloud | — | — |
| sap_se | sap_commerce_cloud | < 100 | 100 |