Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-h8m5-rv6r-f3vq

GitHub Security Advisory

⚠ Unreviewed MODERATE Has CVE
View on GitHub

Advisory Details

SAP PowerDesigner Client - version 16.7, allows an unauthenticated attacker to inject VBScript code in a document and have it opened by an unsuspecting user, to have it executed by the application on behalf of the user. The application has a security option to disable or prompt users before untrusted scripts are executed, but this is not set as default.

Related CVEs

CVE-2023-40621

Key Information

GHSA ID
GHSA-h8m5-rv6r-f3vq
Published
September 13, 2023 3:31 PM
Last Modified
April 4, 2024 7:38 AM
CVSS Score
5.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.