PT-2023-3744 · SAP · SAP NetWeaver

Published 2023-06-13 · Updated 2023-06-20 · CVE-2023-33984

CVSS v3.1: 6.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

SAP NetWeaver (Design Time Repository) version 7.50

Description

The issue exists due to insufficient protection of the web page structure, allowing a remote attacker to inject arbitrary HTML code. This could enable an authorized attacker to create a file with malicious content and send a link to a victim via email or instant message, potentially leading to a Cross-Site Scripting vulnerability under certain circumstances.

Recommendations

For SAP NetWeaver (Design Time Repository) version 7.50, consider restricting access to versioned files to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the affected content types for sensitive files.

Fix

XSS

Weakness Enumeration

Related Identifiers

BDU:2023-04032
CVE-2023-33984

Affected Products

SAP NetWeaver