Solution : https://service.sap.com/sap/support/notes/1505302 (SAP Service marketplace login required)
Key words :
terms cross-site request forgery, cross site scripting attack, purchasing agent role execute, transport request number, database table bsptempxsrfstore, referencing specific urls, affected bsp applications, bsp applications adapted, purchasing agent, bsp applications
Related Notes :
| 1540729 | ASU content for activating XSRF protection for BSP |
| 1520324 | Advance creation of XSRF information |