### [CVE-2024-34683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34683)
![](https://img.shields.io/static/v1?label=Product&message=SAP%20Document%20Builder&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20S4CORE%20100%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%3A%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen)

### Description

An authenticated attacker can upload maliciousfile to SAP Document Builder service. When the victim accesses this file, theattacker is allowed to access, modify, or make the related informationunavailable in the victim’s browser.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds