SAP PowerDesigner 代码注入漏洞

SAP PowerDesigner is a database design software from SAP Germany. A code injection vulnerability exists in SAP PowerDesigner version 16.7 that originates from allowing an unauthenticated attacker to inject VBScript code into a document. An attacker could exploit this vulnerability to cause...

PT-2023-6500 · Sap · Sap Powerdesigner

Name of the Vulnerable Software and Affected Versions: SAP PowerDesigner version 16.7 Description: The issue is related to improper access control in SAP PowerDesigner, which could allow an unauthenticated attacker to run arbitrary queries against the back-end database via a proxy. This could...