SAP Note 1392352 - Security note: Cross-site scripting
Symptom
You are using a 3.X Business Explorer (BEx) Web runtime. Cross-site scripting is possible via a displayed error message.
Other terms Web, runtime, security, cross-site scripting
XSS
Reason and Prerequisites This problem is caused by a program error.
Solution
SAP BW 3.0 / 3.5
Implement this note for SAP BW 3. 0 or import Support Package 26 for BW 3.50.
SAP NetWeaver BI 7.00
Import Support Package 23 for SAP NetWeaver BI 7. 00 (SAPKW70023) into your BI system. The Support Package is available when Note 1367799 "SAPBINews NW BI 7.0 ABAP SP23", which describes this Support Package in more detail, is released for customers.
SAP NetWeaver BI 7.01 (SAP NW BI 7.0 Enhancement Package 1)
Import Support Package 06 for SAP NetWeaver BI 7. 01 (SAPKW70106) into your BI system. The Support Package is available when Note 1369212 "SAPBINews NW BI 7.01 ABAP SP06", which describes this Support Package in more detail, is released for customers.
SAP NetWeaver BI 7.11
Import Support Package 04 for SAP NetWeaver BI 7. 11 (SAPKW71104) into your BI system. The Support Package is available when Note 1367864 "SAPBINews NW BI 7.11 ABAP SP04", which describes this Support Package in more detail, is released for customers.
SAP NetWeaver BI 7.20
Import Support Package 02 for SAP NetWeaver BI 7. 20 (SAPKW72002) into your BI system. The Support Package is available when Note 1387280 "SAPBINews NW BI 7.2 ABAP SP02", which describes this Support Package in more detail, is released for customers. In urgent cases, you can implement the correction instructions as an advance correction. You must first read Note 875986, which provides information about transaction SNOTE.
To provide information in advance, the notes mentioned above may already be available before the Support Package is released. In this case, the short text of the note contains the words "Preliminary version".
No comments:
Post a Comment