SAP BASIS & Security: SAP Note 1287570 - BBP_QUOT: Cross-Site Scripting ( XSS )

Monday, June 13, 2011

SAP Note 1287570 - BBP_QUOT: Cross-Site Scripting ( XSS )

Symptom
In the Internet Services BBP_QUOT, you can perform cross-site scripting using certain parameters.

Other terms
XSS

Reason and Prerequisites
The issue is caused by a program error.

Solution
Refer to the overview below to see in which Support Packages the error has been corrected. For an advance correction implement the correction instruction via SNOTE.

Affected Releases

Software Component	Release	From Release	To Release	And subsequent
SRM_SERVER	500	500	500
SRM_SERVER	550	550	550

Correction delivered in Support Package

Support Packages	Release	Package Name
SRM_SERVER	500	SAPKIBKS15
SRM_SERVER	550	SAPKIBKT15

Corrections Instructions

Correction Instruction	Valid from	Valid to	Software Component	Last Modifcation
1050834	550	550	SRM_SERVER	16.12.2008 19:45:49
1050835	500	500	SRM_SERVER	16.12.2008 20:04:30

Direct Link : https://service.sap.com/sap/support/notes/1287570

SAP BASIS & Security

Pages

Search This Blog

Monday, June 13, 2011

SAP Note 1287570 - BBP_QUOT: Cross-Site Scripting ( XSS )

No comments:

Post a Comment

Total Pageviews

Popular Posts

Blog Archive

SAP eBooks

SAP Engine - SAP Jobs