cbcvebase.
CVE-2024-33002
published 2024-05-14

CVE-2024-33002: Document Service handler (obsolete) in Data Provisioning Service does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS)…

medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Document Service handler (obsolete) in Data Provisioning Service does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability with low impact on Confidentiality and Integrity of the application.

Affected

10 ranges
VendorProductVersion rangeFixed in
sap_sesap_s_4hana
sap_sesap_s_4hana
sap_sesap_s_4hana
sap_sesap_s_4hana
sap_sesap_s_4hana
sap_sesap_s_4hana
sap_sesap_s_4hana
sap_sesap_s_4hana
sap_sesap_s_4hana
sap_sesap_s_4hana