SAP Note 1523755 - NWBC: Security problem: launching sapgui out of HTML shell

Component : Please use BC-FES* -

Solution : https://service.sap.com/sap/support/notes/1523755 (SAP Service marketplace login required)

Key words :
terms cross-site request forgery, cross site scripting attack, netweaver business client executes, netweaver business client, referencing specific urls, specific parameters, malicious user, trigger functionality, attacker tricks, authenticated user'

Related Notes :

1368177SAP NWBC v3.0 Release on NW7.00 and NW701
1353538NWBC -Patch Collection- SERVER SIDE (ABAP)+NWBC for HTML