CVE-2023-33984

SAP NetWeaver (Design Time Repository) – version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability.

Source: CVE-2023-33984