Solution : https://service.sap.com/sap/support/notes/1678243 (SAP Service marketplace login required)
Key words :
sufficiently encode output parameters, cross-site scripting issue, terms cross-site scripting, modify displayed application content, potentially obtain authentification information, cross-site scripting, ca-dms reason, prerequisites bsp pages, webdocuments [ca-dms], bsp application webdocuments
Related Notes :
| 1670098 | Unauthorized modification of BSP in Webdocuments |
| 1582870 | ABAP XSS Escaping Support |
| 1582867 | Security options (XSS) for ESCAPE |
| 1509753 | Webdocs:XSRF Protection for BSP Application WebDocuments. |
| 1505976 | Webdocs:Unauthorized Content Modification & Session Handling |
| 1420256 |