cbcvebase.
CVE-2023-31407
published 2023-05-09

CVE-2023-31407: SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting…

medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.

Affected

4 ranges
VendorProductVersion rangeFixed in
sapbusiness_planning_and_consolidation
sapbusiness_planning_and_consolidation
sap_sesap_business_planning_and_consolidation
sap_sesap_business_planning_and_consolidation