Vulnerabilities > SAP > Enable NOW > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-09 | CVE-2021-27637 | Unspecified vulnerability in SAP Enable NOW 1.0/10.0 Under certain conditions SAP Enable Now (SAP Workforce Performance Builder - Manager), versions - 1.0, 10 allows an attacker to access information which would otherwise be restricted leading to information disclosure. local sap | 1.9 |
2020-03-10 | CVE-2020-6197 | Insufficient Session Expiration vulnerability in SAP Enable NOW 1902 SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. | 2.1 |
2019-11-13 | CVE-2019-0385 | Cross-site Scripting vulnerability in SAP Enable NOW 1902 SAP Enable Now, before version 1908, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 3.5 |