MIME Sniffing Vulnerability in SAP Commerce Cloud JavaScript Storefront
CVE-2021-33666
4.7 MEDIUM
What is CVE-2021-33666?
SAP Commerce Cloud version 100 is vulnerable when hosting a JavaScript storefront because of improper MIME type handling. The flaw allows MIME sniffing, which could be exploited to launch cross-site scripting (XSS) attacks or distribute malware. Organizations using this version should set proper content type headers to mitigate these risks.
Affected Version(s)
SAP Commerce Cloud < 100
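
The content type header mitigation mentioned in the description can be checked with a small header audit. This is an added example, not SAP's code or part of the original advisory; it flags a missing `Content-Type`, a missing `X-Content-Type-Options: nosniff`, and a declared type that does not match the file extension. The extension-to-type map, the function names and the sample responses are constructed assumptions.

```javascript
// Added example: audit response headers for MIME-sniffing exposure.
// Assumed mapping of file extensions to acceptable MIME types for a storefront build.
const EXPECTED = {
  ".js": ["text/javascript", "application/javascript"],
  ".css": ["text/css"],
  ".html": ["text/html"],
  ".json": ["application/json"],
  ".png": ["image/png"],
  ".svg": ["image/svg+xml"],
};

// Lower-case header names so lookups are case-insensitive.
function normalize(headers) {
  const out = {};
  for (const [k, v] of Object.entries(headers)) out[k.toLowerCase()] = String(v).trim();
  return out;
}

// Return the list of findings for one response (empty list means no issue found).
function auditResponse(path, headers) {
  const h = normalize(headers);
  const findings = [];
  // Drop parameters such as "; charset=utf-8" before comparing.
  const ctype = (h["content-type"] || "").split(";")[0].trim().toLowerCase();
  if (!ctype) findings.push("missing-content-type");
  if ((h["x-content-type-options"] || "").toLowerCase() !== "nosniff") {
    findings.push("missing-nosniff");
  }
  const clean = path.split("?")[0]; // ignore any query string
  const dot = clean.lastIndexOf(".");
  const ext = dot >= 0 ? clean.slice(dot).toLowerCase() : "";
  const expected = EXPECTED[ext];
  if (ctype && expected && !expected.includes(ctype)) findings.push("type-mismatch");
  return findings;
}

// Constructed sample responses, not captured from a real system.
const SAMPLES = [
  { path: "/main.js?v=1", headers: { "Content-Type": "text/javascript; charset=utf-8", "X-Content-Type-Options": "nosniff" } },
  { path: "/assets/logo.png", headers: { "content-type": "text/plain" } },
  { path: "/styles.css", headers: { "X-Content-Type-Options": "nosniff" } },
];

function auditAll(samples) {
  return samples.map((s) => ({ path: s.path, findings: auditResponse(s.path, s.headers) }));
}

console.log(JSON.stringify(auditAll(SAMPLES), null, 2));
```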