mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.7 KiB
1.7 KiB
CVE-2024-33003
Description
Some OCC API endpoints in SAP Commerce Cloudallows Personally Identifiable Information (PII) data, such as passwords, emailaddresses, mobile numbers, coupon codes, and voucher codes, to be included inthe request URL as query or path parameters. On successful exploitation, thiscould lead to a High impact on confidentiality and integrity of theapplication.
POC
Reference
No PoCs from references.