Overview:
A user navigates to the Event tab and opens an event. This produces an error: Bad Request. If the web page is checked in developer mode (e.g. in Chrome: More Tools - Developers Tools) an error message is displayed: No 'Access-Control-Origin' header is present on the requested resource.

Root Cause:
Permission Sets are incorrectly configured in the org.
Solution:
Veeva Setting PermissionSet Support needs to be enabled for all profiles that use Permission Sets.
- Navigate to: Setup --> Develop --> Custom Settings --> Veeva Settings.
- Click on Manage.
- Enable the PermissionSet Support Veeva Setting.
Apex class VeevaUserPermissions needs to be enabled for all profiles in the org if the org uses Permission Sets.
- Navigate to: Setup --> Develop --> Apex Class --> VeevaUserPermissions.
- Click on Security.
- Enable it for all profiles in the org.
Related Documentation:
CRM Help Documentation: Implementing Security in Veeva CRM
Thank you