Vulnerabilities > SAP > Business Planning AND Consolidation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-09 | CVE-2023-31407 | Cross-site Scripting vulnerability in SAP Business Planning and Consolidation 740/750 SAP Business Planning and Consolidation - versions 740, 750, allows an authorized attacker to upload a malicious file, resulting in Cross-Site Scripting vulnerability. | 5.4 |
| 2023-02-14 | CVE-2023-23851 | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Business Planning and Consolidation 200/300 SAP Business Planning and Consolidation - versions 200, 300, allows an attacker with business authorization to upload any files (including web pages) without the proper file format validation. | 5.4 |