Esko Logo Back to Esko Support
Choose your language for a machine translation:


Summary

Security scan reveals XXE vulnerability in the "saved search" area.

Symptoms

The name of a saved search can contain special characters which can be interpreted as a script and will be executed.
This is a low risk security issue since global searches can only be created by admin users.

More Information

For installation instructions and to download the hotfix, go to https://mysoftware.esko.com/Hotfixes/Details/201806015/18.0.1.

 

 

Article information
Applies to

 WebCenter 18.0.1

Created

  

Last revised 
AuthorJEPE
Case Number WCR-27926
Contents

What is a Hotfix?

A Hotfix is a software package that you can install on an existing installation of our software. Each hotfix contains fixes for one or more known issues in our released software.

Because there is always a small chance for a hotfix to cause new issues, you should only install Recommended Hotfixes, unless otherwise instructed by your Esko Software Support team.

 

Copyright© 2015-2019 Esko. All trademarks or registered trademarks are property of their respective owners.