Symptom
When creating tile using Save as Tile option, it's possible to use HTML tags/javascript code on the name field.
Some examples:
- <h1>Hello</h1>
- <img/src/onerror=prompt(8)>
Read more...
Environment
SAP Fiori Launchpad
Product
SAP Fiori for SAP S/4HANA all versions
Keywords
Save as Tile, Fiori Launchpad, HTML, Vulnerability , KBA , CA-FLP-FE-UI , SAP Fiori Launchpad User Interface , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.