SUPPORT / SAMPLES & SAS NOTES
Problem Note 17592: Possible cross-site scripting issue in Preferences area of the Information Delivery Portal
 |  |  |  |  |
When using a cross-site scripting tool to check for possible security risks in the Preferences application of the Information Delivery Portal, a flag may be triggered. This flag will only occur if a value for the category supplied for the preference category is not a number. If using a script, the script is used in place of the number. In this case, an error will occur and the value that was not a number will be displayed in the browser. Displaying this value is a problem.
Select the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | SAS Information Delivery Portal | Microsoft Windows 2000 Professional | 2.0 | 2.0 | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 |
| Microsoft Windows XP Professional | 2.0 | 2.0 | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| Microsoft Windows NT Workstation | 2.0 | 2.0 | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| Microsoft Windows 2000 Server | 2.0 | 2.0 | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| 64-bit Enabled HP-UX | 2.0 | 2.0 | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| Microsoft Windows 2000 Datacenter Server | 2.0 | 2.0 | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| 64-bit Enabled Solaris | 2.0 | 2.0 | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| Microsoft Windows 2000 Advanced Server | 2.0 | 2.0 | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||
| 64-bit Enabled AIX | 2.0 | 2.0 | 9.1 TS1M3 SP3 | 9.1 TS1M3 SP4 | ||