Skip links

Whitelist based Clickjacking Framing Protection in UI theme designer on ABAP, SAP security note 2349128

Description

UI theme designer on ABAP does not protect its applications against Clickjacking attacks.

Available fix and Supported packages

  • UI_INFRA | 100 | 100
  • SAP_UI | 740 | 740
  • SAP_UI | 750 | 750
  • SAP_UI | 751 | 751
  • UI_700 | 200 | 200
  • UI_INFRA 100 | SAPK-10017INUIINFRA |
  • SAP_UI 740 | SAPK-74017INSAPUI |
  • SAP_UI 750 | SAPK-75006INSAPUI |
  • UI_700 200 | SAPK-20006INUI700 |

Affected component

    CA-UI2-THD
    Theme Designer

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/2349128

TAGS

#UI-redressing-attack
#Clickjacking
#Framing-Protection
#Framing
#IFrame
#UI-Redressing
#Clickjacking-Whitelist
#X-FRAME-OPTIONS
#UI-theme-designer