Assigner | sap |
Reserved | 2024-04-23 |
Published | 2024-05-14 |
Updated | 2024-06-04 |
Description
PDFViewer is a control delivered as part of SAPUI5 product which shows the PDF content in an embedded mode by default. If a PDF document contains embedded JavaScript (or any harmful client-side script), the PDFViewer will execute the JavaScript embedded in the PDF which can cause a potential security threat.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
Product status
754
755
756
757
758
References
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html
https://me.sap.com/notes/3446076