CVE-2022-1248
CVE-2022-1248 impacts SAP Information System 1.0. The flaw is in the file /SAP_Information_System/controllers/add_admin.php , where an unauthenticated attacker can create a new admin account via a simple POST request due to missing authorization/session verification. CVSS v3.1 base score 7.3 (Hig...