Cross-Site Scripting (XSS) vulnerability in IMP planning table
2347077 – Cross-Site Scripting (XSS) vulnerability in IMP planning table / CRM-MKT-MPL-TPM-IMP
IMP planning table / CRM-MKT-MPL-TPM-IMP does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Some well-known impacts of XSS vulnerability are:
non-permanently deface or modify displayed content from a Web site
steal authentication information of the user, such as data relating to his or her current session
impersonate the user and access all information with the same rights as the target user
XSS, stored XSS, reflected XSS, CSS
Reason and Prerequisites
The component has to be patched to protect user data.
Solution: Implement the Support Packages and Patches referenced by this SAP Note.