You are using SAP Knowlegde Management (KM). After an upgrade to the newest version you cannot open files on portal. These files are located in a repository in SAP KM. Instead of opening a file you get an empty page, or you are asked to download the file.
In Google Chrome 88 you get the following error when you try to open a pdf file:
This issue occurs after applying the SAP Security Note 2928635 - [CVE-2020-6284] Cross-Site Scripting (XSS) in SAP NetWeaver (Knowledge Management), or after upgrading KMC-CM component to a higher version than it is mentioned in the SAP Security Note 2928635.
- SAP NetWeaver 7.3
- SAP enhancement package 1 for SAP NetWeaver 7.3
- SAP NetWeaver 7.4
- SAP Netweaver 7.5
EP, portal, html, script, pdf, doc, docx, word, xls, xlsx, excel, 2938162 - [CVE-2020-6293] Unrestricted File Upload in SAP NetWeaver (Knowledge Management), Force Text Download, Trusted locations, malicious file, preview, sp, upgrade, patch, java, ie11, internet explorer , KBA , EP-KM-CM , Content Management , Problem
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.