CVE-2021-33698

Summary

SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files) without the proper file format validation.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Business One< 10.0affected

Weaknesses

  • CWE-434: CWE-434: Unrestricted Upload of File

ADP Enrichment

CVE Program Container

Additional References

References