CVE-2021-33666
SAP Commerce Cloud (version 100) when serving a JavaScript storefront is vulnerable to MIME sniffing that could enable an XSS attack or malware proliferation under certain conditions. Root cause appears to be MIME sniffing behavior; no remediation or patch details are provided in the supplied doc...