Vulnerabilities > SAP > Enable NOW Enable NOW Consump DEL > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-10-30 CVE-2023-36920 Improper Restriction of Rendered UI Layers or Frames vulnerability in SAP products
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-FRAME-OPTIONS response header is not implemented, allowing an unauthenticated attacker to attempt clickjacking, which could result in disclosure or modification of information.
network
low complexity
sap CWE-1021
6.1