SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, allows an authenticated Backoffice/HMC user to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application.
CPE | Name | Operator | Version |
---|---|---|---|
commerce_cloud | eq | 6.4 | |
commerce_cloud | eq | 6.5 | |
commerce_cloud | eq | 6.6 | |
commerce_cloud | eq | 6.7 | |
commerce_cloud | eq | 1808 | |
commerce_cloud | eq | 1811 | |
commerce_cloud | eq | 1905 |