Problem Note 62232: SAS® Anti-Money Laundering contains a cross-site scripting vulnerability
Severity: Medium
Description: URL parameters are not validated, which allows a reflected cross-site scripting (XSS) vulnerability to exist.
Potential Impact: HTML or JavaScript code could be injected into a web page.
Click the Hot Fix tab in this note to access the hot fix for this issue.
This security vulnerability is fixed in Hot Fix 4 (A5T005).
Operating System and Release Information
SAS System | SAS Anti-Money Laundering | Microsoft® Windows® for x64 | 7.1 | | | |
64-bit Enabled AIX | 7.1 | | | |
64-bit Enabled Solaris | 7.1 | | | |
Linux for x64 | 7.1 | | | |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
Type: | Problem Note |
Priority: | alert |
Date Modified: | 2019-04-10 07:30:22 |
Date Created: | 2018-04-27 18:01:19 |