CVE-2023-31407

Name of the Vulnerable Software and Affected Versions SAP Business Planning and Consolidation versions 740, 750

Description The issue allows an authorized attacker to upload a malicious file, resulting in a Cross-Site Scripting issue. After successful exploitation, an attacker can cause limited impact on confidentiality and integrity of the application.

Recommendations For versions 740 and 750, update to a version that includes a fix for this issue to prevent an attacker from uploading malicious files and exploiting the Cross-Site Scripting weakness. At the moment, there is no information about a newer version that contains a fix for this vulnerability.