Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The session cookie used by SAP Enable Now, version 1902, does not have the HttpOnly flag set. If an attacker runs script code in the context of the application, he could get access to the session cookie. The session cookie could then be abused to gain access to the application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP Enable Now 输入验证错误漏洞
Vulnerability Description
SAP Enable Now是德国思爱普(SAP)公司的一套协作内容创作、管理和共享平台。该平台主要用于SAP和非SAP系统的在线学习和培训等。 SAP Enable Now 1902版本中存在输入验证错误漏洞。攻击者可利用该漏洞访问会话cookie,进而访问应用程序。
CVSS Information
N/A
Vulnerability Type
N/A