mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.7 KiB
1.7 KiB
CVE-2024-42374
Description
BEx Web Java Runtime Export Web Service does notsufficiently validate an XML document accepted from an untrusted source. Anattacker can retrieve information from the SAP ADS system and exhaust thenumber of XMLForm service which makes the SAP ADS rendering (PDF creation)unavailable. This affects the confidentiality and availability of theapplication.
POC
Reference
No PoCs from references.