SAP Note 1516177 - XSRFJava:Adopt API-PSI Utility Customer E-Services

Composant : Internet Self Services -

Solution : https://service.sap.com/sap/support/notes/1516177 (Connexion à SAP Service Marketplace requise)

Mots Clés :
terms cross-site request forgery, cross site scripting attack, utlitiy customer e-services, prerequisites sap_uces executes, referencing specific urls, specific parameters, malicious user, trigger functionality, billerdirect reason, attacker tricks

Notes associées :

1597549Unauthorized modification of displayed content in FSCM_BD
1509214Unauthorized usage of application functionality in FSCM_BD
1450166Unauthorized usage of application functionality