HIGH🇬🇧 English

CVE-2022-22531

CVSS 8.1v3.1pub. 2022-01-14upd. 2026-02-24

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  • Sap S\/4hana

    APP
    Sap
    100101102103104105106
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2026-0488CRITICAL9.9PL ✓ten sam produkt

SAP CRM / S/4HANA Scripting Editor — nieautoryzowane wykonanie SQL

CVE-2022-22530HIGH8.1ten sam produkt

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does ...

CVE-2021-38176HIGH8.8ten sam produkt

Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call N...

CVE-2026-27679MEDIUM6.5ten sam produkt

Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), a...

CVE-2026-34264MEDIUM6.5ten sam produkt

During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messa...