Esko Logo Back to Esko Support

Page History

Choose your language for a machine translation:

Versions Compared

Old Version 1

changes.mady.by.user Jules

Saved on

compared with

New Version Current

changes.mady.by.user Jules

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated by Esko.Confluence integration from workflowwiki


Summary

Security scan reveals XXE vulnerability in the "saved search" area.

Symptoms

The name of a saved search can contain special characters which can be interpreted as a script and will be executed.
This is a low risk security issue since global searches can only be created by admin users.

More Information

For installation instructions and to download the hotfix, go to https://mysoftware.esko.com/Hotfixes/Details/201806015/18.0.1.

 

 


Article information
Applies to

 WebCenter 18.0.1

Created

  

Last revised 
AuthorJEPE
Case Number  WCR-27926


Panel
titleContents

Table of Contents
classinline-toc


Info

What is a Hotfix?

A Hotfix is a software package that you can install on an existing installation of our software. Each hotfix contains fixes for one or more known issues in our released software.

Because there is always a small chance for a hotfix to cause new issues, you should only install Recommended Hotfixes, unless otherwise instructed by your Esko Software Support team.


 

Copyright© 2015-2019 Esko. All trademarks or registered trademarks are property of their respective owners.