2 matches found
CVE-2024-34683
CVE-2024-34683 describes an authenticated file upload vulnerability in SAP Document Builder. A logged-in attacker can upload a malicious file; when a victim accesses that file, the attacker may gain access to, modify, or render information unavailable in the victim’s browser. Document sources con...
CVE-2024-39591
CVE-2024-39591 concerns SAP Document Builder, where a missing authorization check in one function module enables privilege escalation with low impact on confidentiality. The description is consistently reported across Red Hat, NVD, CNVD, CVE lists, and CNVD entries, with the CVSS baseline indicat...