As of SAP NW BPM 7.20 SP0, the possibility to restrict the file types to be used as attachments to BPM tasks and processes was introduced. This eliminated the risk of attaching potentially dangerous files (e.g. with active content aimed to attack the targeted user).
Available fix and Supported packages
- BPEM-WDUI | 7.20 | 7.20
- BPEM-BASE | 7.20 | 7.20
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.