2 matches found
CVE-2019-0305
Java Server Pages JSPs provided by the SAP NetWeaver Process Integration SAPXIESR and SAPXITOOL: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 do not restrict or incorrectly restrict frame objects or UI layers that belong to another application or domain, resulting in Clickjacking vulnerability...
CVE-2019-0305
The CVE-2019-0305 entry describes a Clickjacking vulnerability in SAP NetWeaver Process Integration JSPs (SAP_XIESR and SAP_XITOOL versions 7.10–7.11, 7.20, 7.30, 7.31, 7.40, 7.50) where frame UI restrictions are insufficient or incorrect, allowing UI elements from other domains to be overlaid. T...