Solution : https://service.sap.com/sap/support/notes/943336 (SAP Service marketplace login required)
Key words :
cross-site scripting attacks, client-side scripting languages, j2ee servlet specification mechanism, attacker-injected malicious scripts, client-side script code, server-generated cookies - jsessionid, j2ee engine web container, #httponly# cookie attribute supported, client-side script, protect server cookies
Related Notes :
1506858 | |
1317545 | Applets/ ActiveX - HttpOnly Attr. for Cookie Sec. Protection |
1299574 | User authentication when uploading documents |
910284 | SAP WebAS Java 6.40 SP17 - List of corrections |