While processing a purchase order response in SUS, you can enter text that is interpreted and executed as a script. For example:
After saving the document, this script would trigger a popup each time the PO is accessed. Similarly, a malicious script could be entered, which could cause security issues when executed.
- SAP Supplier Relationship Management (SRM) 7.0 and higher
- SAP enhancement package for SAP Supplier Relationship Management
- Supplier Self Services (SUS)
cross site scripting, BBP_PDH_XSS_REPLACE, long text parsing, KBA, xss_replace_on, bbpc_xss_replace, SRM-SUS, Supplier Self-Services, Problem
About this page: This is a preview of a SAP Knowledge Base Article. The full version is available on SAP ONE Support launchpad (login required).