CVE-2021-33682

Name of the Vulnerable Software and Affected Versions: SAP Lumira Server version 2.4

Description: The issue is related to insufficient encoding of user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability. This allows an attacker with basic level privileges to store a malicious script on the server. When a registered victim executes the script content, it could compromise the confidentiality and integrity of the server's content.

Recommendations: For SAP Lumira Server version 2.4, update to a version that includes a fix for the insufficient encoding of user-controlled inputs to prevent Cross-Site Scripting (XSS) attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.