2 matches found
CVE-2024-33003
CVE-2024-33003 affects SAP Commerce Cloud via the OCC API Endpoint component. The root issue is that certain OCC API endpoints may include PII (passwords, emails, mobile numbers, coupon/voucher codes) in the request URL as query or path parameters, leading to potential disclosure and integrity im...
CVE-2024-33003 Information Disclosure Vulnerability in SAP Commerce Cloud
Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information PII data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a Hi...