← Back

Document Builder

document_builder

Vendor: Sap • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-39591
1Sap
1Document Builder
Sep 12, 2024
Aug 13, 2024
N/A· v4
5.3 MEDIUM· v3
N/A· v2
SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.
CVE-2024-34683
1Sap
1Document Builder
Nov 21, 2024
Jun 11, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
An authenticated attacker can upload malicious file to SAP Document Builder service. When the victim accesses this file, the attacker is allowed to access, modify, or make the related information unavailable in the victi...Show more
An authenticated attacker can upload malicious file to SAP Document Builder service. When the victim accesses this file, the attacker is allowed to access, modify, or make the related information unavailable in the victim’s browser.Show less