In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-FRAME-OPTIONS response header is not implemented, allowing an unauthenticated attacker to attempt clickjacking, which could result in disclosure or modification of information.
CPE | Name | Operator | Version |
---|---|---|---|
enable_now_enable_now_consump_del | eq | 1704 | |
enable_now_wpb_manager | eq | 1.0 | |
enable_now_wpb_manager_ce | eq | 10 | |
enable_now_wpb_manager_hana | eq | 10 |