Solution : https://service.sap.com/sap/support/notes/822881 (SAP Service marketplace login required)
Key words :
dynamically generate html based, dynamically generated content, cross site scripting, accept input parameters, htmlb content-tag, symptom xss support, bsp-extensions htmlb, bsp-extensions, content forceencode=, xss-attacks
Related Notes :
1607299 | Unauthorized modification of displayed content in PI Demo |
1411659 | |
1259414 | Cross Site Scripting:PCUI Stored JavaScript Vulnerability |
920404 | Java script error due to '"' in project description |
891232 | BSP Security Relevant Changes |
887168 | BSP Page Directive <%@page forceEncode="html"%> & <%html=%> |
782567 | Cross Site Scripting (XSS) |