Skip links
RedRays
Published in: sap note

Whitelist based Clickjacking Framing Protection in UI theme designer on ABAP, SAP security note 2349128

Author
Published on:

Description

UI theme designer on ABAP does not protect its applications against Clickjacking attacks.

Available fix and Supported packages

  • UI_INFRA | 100 | 100
  • SAP_UI | 740 | 740
  • SAP_UI | 750 | 750
  • SAP_UI | 751 | 751
  • UI_700 | 200 | 200
  • UI_INFRA 100 | SAPK-10017INUIINFRA |
  • SAP_UI 740 | SAPK-74017INSAPUI |
  • SAP_UI 750 | SAPK-75006INSAPUI |
  • UI_700 200 | SAPK-20006INUI700 |

Affected component

    CA-UI2-THD
    Theme Designer

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/2349128

TAGS

#UI-redressing-attack
#Clickjacking
#Framing-Protection
#Framing
#IFrame
#UI-Redressing
#Clickjacking-Whitelist
#X-FRAME-OPTIONS
#UI-theme-designer

You may also like