CVE-2023-33988

CVSS V2 None CVSS V3 None
Description
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Content-Security-Policy and X-XSS-Protection response headers are not implemented, allowing an unauthenticated attacker to attempt reflected cross-site scripting, which could result in disclosure or modification of information.
Overview
  • CVE ID
  • CVE-2023-33988
  • Assigner
  • sap
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-07-11T02:26:57.068Z
  • Last Modified Date
  • 2023-07-11T02:26:57.068Z
History
Created Old Value New Value Data Type Notes
2024-06-25 07:52:40 Added to TrackCVE