SAP Disclosure Management 10.x allows an attacker to exploit through a specially crafted zip file provided by users: When extracted in specific use cases, files within this zip file can land in different locations than the originally intended extraction point.
CPE | Name | Operator | Version |
---|---|---|---|
disclosure_management | eq | 10.1 |