59014 - The SAS® solutions web client documentation contains a cross-site scripting vulnerability

SUPPORT / SAMPLES & SAS NOTES

Problem Note 59014: The SAS® solutions web client documentation contains a cross-site scripting vulnerability

Severity: Medium

Description: The SAS documentation facility included with multiple web clients of SAS solutions contains a cross-site scripting vulnerability

Potential Impact: Users might unknowingly execute malicious code.

To obtain a fix for this issue, contact SAS Technical Support.

Operating System and Release Information

Product Family	Product	System	Product Release		SAS Release
Product Family	Product	System	Reported	Fixed*	Reported	Fixed*
SAS System	SAS Help Viewer for the Web	Solaris for x64	9.3	9.3	9.3 TS1M0	9.4 TS1M2
		Linux for x64	9.3	9.3	9.3 TS1M0	9.4 TS1M2
		HP-UX IPF	9.3	9.3	9.3 TS1M0	9.4 TS1M2
		64-bit Enabled Solaris	9.3	9.3	9.3 TS1M0	9.4 TS1M2
		64-bit Enabled AIX	9.3	9.3	9.3 TS1M0	9.4 TS1M2
		Microsoft® Windows® for x64	9.3	9.3	9.3 TS1M0	9.4 TS1M2
		z/OS	9.3	9.3	9.3 TS1M0	9.4 TS1M2

* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.

Type:	Problem Note
Priority:	high

Date Modified:	2020-03-31 11:38:52
Date Created:	2016-09-20 11:18:36