Solution : https://service.sap.com/sap/support/notes/1671106 (SAP Service marketplace login required)
Key words :
symptom crm-ips-icm-cmg, crm-ips-icm reason, modify displayed application content, potentially obtain authentication information, terms cross site scripting, sufficiently encode output parameters, cross site scripting issue, cross site scripting attack, -permanently modify displayed content, malicious user allowing
Related Notes :
1582870 | ABAP XSS Escaping Support |
1582867 | Security options (XSS) for ESCAPE |