Skip links

Whitelist based Clickjacking Framing Protection in NWBC for HTML, SAP security note 2319174

Description

NWBC for HTML does not protect its applications against Clickjacking attacks.

Available fix and Supported packages

  • SAP_UI | 740 | 740
  • SAP_BASIS | 700 | 702
  • SAP_BASIS | 711 | 711
  • SAP_BASIS | 730 | 730
  • SAP_BASIS | 731 | 731
  • SAP_BASIS 731 | SAPKB73119 |

Affected component

    BC-FES-BUS-HTM
    HTML

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/2319174

TAGS

#UI-redressing-attack
#Clickjacking
#Framing-Protection
#Framing
#IFrame
#UI-Redressing
#Clickjacking-Whitelist
#X-FRAME-OPTIONS
#NWBC-for-HTML