SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap businessobjects business intelligence 410 |
||
sap businessobjects business intelligence 420 |
||
sap businessobjects business intelligence 430 |