Solution : https://service.sap.com/sap/support/notes/1597549 (SAP Service marketplace login required)
Key words :
utilize standard sap netweaver api, encode illegal characters causing attack, terms reflected cross-site scripting, reflected cross-site scripting issue, reflected cross-site scripting attack, reflected cross-site scripting, standard jsp content delivered, sufficiently encode output parameters, potentially obtain authentication information, modify displayed application content
Related Notes :
| 1537670 | Unauthorized usage of application functionality in FSCM_BD |
| 1516177 | XSRFJava:Adopt API-PSI Utility Customer E-Services |
| 1515190 | Composite SAP Note: Security of SAP Biller Direct |
| 1509214 | Unauthorized usage of application functionality in FSCM_BD |
| 1450166 | Unauthorized usage of application functionality |