2 matches found
CVE-2019-0341
The session cookie used by SAP Enable Now, version 1902, does not have the HttpOnly flag set. If an attacker runs script code in the context of the application, he could get access to the session cookie. The session cookie could then be abused to gain access to the application...
CVE-2019-0341
The CVE-2019-0341 affects SAP Enable Now, version 1902, where the session cookie is missing the HttpOnly flag. This allows script code executed in the application context to access the session cookie and potentially abuse it to gain access to the application. The connected documents corroborate t...