CVE-2021-33674

Name of the Vulnerable Software and Affected Versions: SAP Contact Center version 700

Description: The issue arises from insufficient encoding of user-controlled inputs, leading to a Reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability can be exploited when creating a new email, allowing an attacker to execute arbitrary code on the victim's browser.

Recommendations: For SAP Contact Center version 700, ensure that user-controlled inputs are properly encoded to prevent XSS attacks. As a temporary workaround, consider restricting the creation of new emails until a patch is available.