Security Advisory

CVE-2023-33988

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-07-11 02:26:57

Last updated 2024-10-21 21:10:43

Assigner sap

State PUBLISHED

Description

In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Content-Security-Policy and X-XSS-Protection response headers are not implemented, allowing an unauthenticated attacker to attempt reflected cross-site scripting, which could result in disclosure or modification of information.

← Browse all CVEs View on cve.org ↗