cvedb.io
CVE-2022-22531
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2022-01-14T20:15:15.880 · Last modified 2026-06-17T04:28:32.547

Summary

The F0743 Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, 105, 106, does not check uploaded or downloaded files. This allows an attacker with basic user rights to run arbitrary script code, resulting in sensitive information being disclosed or modified.

Affected products

sap — s\/4hana

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.