SAP Disclosure Management 10.x allows an attacker to exploit through a specially crafted zip file provided by users: When extracted in specific use cases, files within this zip file can land in different locations than the originally intended extraction point.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Disclosure_management | Sap | 10.1 (including) | 10.1 (including) |