Solution : https://service.sap.com/sap/support/notes/1582870 (SAP Service marketplace login required)
Key words :
kernel patch level, kernel-based implementation, relevant sp level, symptom abap additions, abap additions, required sp, methods escape_xss_, output encoding, support package, fallback implementations
Related Notes :
| 1696318 | Architectural change |
| 1695900 | Architectural change |
| 1695897 | Architectural change |
| 1689009 | Unauthorized modification in BSP application in PlantManager |
| 1688048 | Technical corrections |
| 1687477 | |
| 1687426 | |
| 1685251 | |
| 1685062 | |
| 1684640 | Unauthorized modification in BSP applications in IS-M |
| 1683291 | Unauthorized modification in CA-GTF-SP-GEN |
| 1678715 | Unauthorized modification in CRM e-Mail Activity |
| 1678243 | Unauthorized modification of BSP in Webdocuments (2) |
| 1677194 | Unauthorized modif. of stored content in RSBCT_RFASH_ALI |
| 1677037 | Unauthorized modification of displayed content in CRM-IFS |
| 1676981 | Unauthorized modification in BSP applicat. of EP-PCT-PUR-BP |
| 1676849 | |
| 1676848 | Unauthorized modification of BSP in CRM-IC-OBJ |
| 1676846 | Unauthorized modification of BSP in CRM-MD-PRO |
| 1676754 | Unauthorized modification of BSP in Webdocuments |
| 1676753 | |
| 1676722 | Unauthorized modification of BSP in Webdocuments |
| 1676480 | Unauthorized modification in BSP appl. in EP-PCT-MGR-CO |
| 1676479 | Unauthorized modification in BSP application in CO-OM |
| 1676293 | |
| 1676217 | Architectural change |
| 1676211 | Unauthorized modification in BSP in CA-GTF-IC-BRO |
| 1675796 | Migration to new XSS-Library |
| 1675484 | Unauthorized modification in BSP in CRM-IC |
| 1675411 | Unauthorized modification in BSP in CRM-IC-SCR |
| 1675350 | Unauthorized modification in BSP appl. in CRM-ANA-MKT-CLV |
| 1675232 | Unauthorized modification in BSP in CRM-IC-CAM |
| 1675153 | Unauthorized modification of displayed content in BW-BCT-PLA |
| 1673853 | Unauthorized modification in BSP application in IS-HER-CM |
| 1673790 | Unauthorized modification in BSP application in IS-HER-CM |
| 1673038 | SUS: Unauthorized modification in BSP application SRMSUS |
| 1672579 | Architectural change |
| 1672450 | Architectural change |
| 1672442 | Unauthorized modification of BSP in CRM-ANA-BOJ-UI |
| 1672440 | Unauthorized modification of BSP in CRM-MKT-ML |
| 1672438 | Unauthorized modification of BSP in CRM-MKT-MPL |
| 1671695 | Unauthorized modification of BSP in CRM-MD-BP-PCU |
| 1671206 | Unauthorized modification of displayed content in BTF-Editor |
| 1671106 | Unauthorized modification of displayed content in ICM |
| 1671087 | |
| 1670220 | Unauthorized modification of ITS in IS-HER-CM |
| 1670098 | Unauthorized modification of BSP in Webdocuments |
| 1669048 | Unauthorized modification of BSP in CRM-ANA |
| 1666901 | |
| 1665704 | Unauthorized modification of BSP in CRM-MD-BP-CCP |
| 1665082 | Unauthorized modification of BSP in SRM-EBP-CA-SIG |
| 1665004 | Unauthorized modification of BSPs in CRM Grantor Management |
| 1659640 | Security: XSS vulnerability in SAP GUI for HTML |
| 1659560 | |
| 1659015 | |
| 1657332 | Architectural Change |
| 1657210 | Unauthorized mod. of displayed content in Web.Req. toolbox |
| 1656918 | Unauthorized mod. of displayed content in UAD_xx |
| 1654009 | Encoding for applications in SAP_HR and EA-HR |
| 1644634 | Using the new library for ABAP XSS Escaping |
| 1640304 | |
| 1632687 | Unauthorized modification in BSP in CA-GTF-IC-SCR 2 |
| 1611670 | Unauthorized changes to contents displayed in SEM_UPWB |
| 1610466 | Unauthorized modification of displayed content in TEST_SRT |
| 1609287 | Unauthorized modification of displayed content in Websurvey |
| 1601461 | Update #1 to Security Note 866020 |
| 1560585 | SAP Netweaver Gateway 2.0 Release Note |
| 1475840 | Downporting security functions in CL_HTTP_UTILITY |
| 866020 |