SAP Note 1509016 - Unauthorized usage of application functionality in SAP_HR

Component : Payroll: General Parts -

Solution : https://service.sap.com/sap/support/notes/1509016 (SAP Service marketplace login required)

Key words :
terms cross-site request forgery, cross site scripting attack, transport request number, prerequisites sap_hr executes, gui configuration pushbutton, referencing specific urls, add service parameters, specific parameters, malicious user, trigger functionality

Related Notes :

1481392Cross Site Request Forgery Protection for ITS