Problem Note 67256: SAS® Anti-Money Laundering contains a cross-site scripting vulnerability
Severity: Medium
Description: An authenticated user can store malicious JavaScript in the comment and description of a case.
Potential Impact: If a user accesses the case to edit the comment or description, the malicious JavaScript is executed in the browser.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
SAS System | SAS Anti-Money Laundering | Microsoft® Windows® for x64 | 7.1 | | | |
64-bit Enabled AIX | 7.1 | | | |
64-bit Enabled Solaris | 7.1 | | | |
Linux for x64 | 7.1 | | | |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
Type: | Problem Note |
Priority: | high |
Date Modified: | 2021-01-22 09:00:48 |
Date Created: | 2021-01-18 14:41:20 |