SAP Cloud Connector, version - 2.0, does not sufficiently encode user-controlled inputs, allowing an attacker with Administrator rights, to include malicious codes that get stored in the database, and when accessed, could be executed in the application, resulting in Stored Cross-Site Scripting.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2021-09-15T18:01:49

Updated: 2024-08-03T23:58:22.910Z

Reserved: 2021-05-28T00:00:00

Link: CVE-2021-33694

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-09-15T19:15:09.357

Modified: 2024-11-21T06:09:23.110

Link: CVE-2021-33694

cve-icon Redhat

No data.