SAP Note 1616058 - XSRF possible in SPML Services in AS Java

Component : User Management Engine -

Solution : https://service.sap.com/sap/support/notes/1616058 (SAP Service marketplace login required)

Key words :
sap netweaver identity management reason, cvss information cvss base score, cross-site scripting attack, sap netweaver identity management, execute web application functions, icm/http/mod_0 = prefix=/, prerequisites spml services execute, spml service requests completely, cvss base score, 8cvss base vector

Related Notes :

1647267Solution Manager adaptation to Java UME security
1616259
1451753