SUPPORT / SAMPLES & SAS NOTES
 

Support

Problem Note 68561: SAS® Visual Investigator contains cross-site scripting vulnerabilities

DetailsHotfixAboutRate It

Severity: Medium

Description: SAS Visual Investigator contains DOM based and stored cross-site scripting vulnerabilities in certain page-control functionality.

Potential Impact: A user might unknowingly execute malicious code.

Click the Hot Fix tab in this note to access the hot fix for this issue for SAS® Visual Investigator 10.7.

This issue is also fixed in the SAS® Visual Investigator 10.8 update for February 2022.



Operating System and Release Information

Product FamilyProductSystemProduct ReleaseSAS Release
ReportedFixed*ReportedFixed*
SAS SystemSAS Visual InvestigatorLinux for x6410.710.8ViyaViya
* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.