Vulnerabilities > SAP > Content Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-13 CVE-2024-33005 Missing Authorization vulnerability in SAP products
Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server can impersonate other users and may perform some unintended actions.
local
low complexity
sap CWE-862
6.3
2023-03-14 CVE-2023-26457 Cross-site Scripting vulnerability in SAP Content Server 7.53
SAP Content Server - version 7.53, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
network
low complexity
sap CWE-79
6.1
2015-06-02 CVE-2015-4157 Denial of Service vulnerability in SAP Content Server
SAP Content Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2127995.
network
low complexity
sap
5.0