Cross-Site Scripting (XSS) vulnerability in IMP planning table

2347077 – Cross-Site Scripting (XSS) vulnerability in IMP planning table / CRM-MKT-MPL-TPM-IMP

Symptom

IMP planning table / CRM-MKT-MPL-TPM-IMP does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Component: CRM-MKT-MPL-TPM-IMP

Some well-known impacts of XSS vulnerability are:

non-permanently deface or modify displayed content from a Web site

steal authentication information of the user, such as data relating to his or her current session

impersonate the user and access all information with the same rights as the target user

Other Terms

XSS, stored XSS, reflected XSS, CSS

Reason and Prerequisites

The component has to be patched to protect user data.

Solution:  Implement the Support Packages and Patches referenced by this SAP Note.

You may also like...

1 Response

  1. Raghuchowdary says:

    Good working..

Leave a Reply

Your email address will not be published. Required fields are marked *