Symptom
You are using SAP Knowlegde Management (KM). After an upgrade to the newest version you cannot open files on portal. These files are located in a repository in SAP KM. Instead of opening a file you get an empty page, or you are asked to download the file.
This issue occurs after applying the SAP Security Note 2928635 - [CVE-2020-6284] Cross-Site Scripting (XSS) in SAP NetWeaver (Knowledge Management), or after upgrading KMC-CM component to a higher version than it is mentioned in the SAP Security Note 2928635.
Read more...
Environment
- SAP NetWeaver 7.3
- SAP enhancement package 1 for SAP NetWeaver 7.3
- SAP NetWeaver 7.4
- SAP Netweaver 7.5
Product
Keywords
EP, portal, html, script, pdf, doc, docx, word, xls, xlsx, excel, 2938162 - [CVE-2020-6293] Unrestricted File Upload in SAP NetWeaver (Knowledge Management), Force Text Download, Trusted locations, malicious file, preview, sp, upgrade, patch, java , KBA , EP-KM-CM , Content Management , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.