Vulnerabilities > SAP > Enable NOW > Low

DATE CVE VULNERABILITY TITLE RISK
2021-06-09 CVE-2021-27637 Unspecified vulnerability in SAP Enable NOW 1.0/10.0
Under certain conditions SAP Enable Now (SAP Workforce Performance Builder - Manager), versions - 1.0, 10 allows an attacker to access information which would otherwise be restricted leading to information disclosure.
local
sap
1.9
2020-03-10 CVE-2020-6197 Insufficient Session Expiration vulnerability in SAP Enable NOW 1902
SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner.
local
low complexity
sap CWE-613
2.1
2019-11-13 CVE-2019-0385 Cross-site Scripting vulnerability in SAP Enable NOW 1902
SAP Enable Now, before version 1908, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
network
sap CWE-79
3.5