70876 - SAS® Visual Analytics 7.51 and 7.52 contain a stored cross-site scripting (XSS) vulnerability

SUPPORT / SAMPLES & SAS NOTES

Support

Submit a Problem
Update a Problem
Check Problem Status
SAS Administrators
Security Bulletins
License Assistance
Manage My Software Account
Downloads & Hot Fixes
Samples & SAS Notes

Problem Note 70876: SAS® Visual Analytics 7.51 and 7.52 contain a stored cross-site scripting (XSS) vulnerability

Severity: High

Description: SAS Visual Analytics 7.51 and 7.52 contain a stored cross-site scripting (XSS) vulnerability that allows JavaScript code to be injected via a certain POST request and executed on browser.

Potential Impact: Users might unknowingly execute malicious code.

Click the Hot Fix tab in this note for a link to instructions about accessing and applying the software update.

Operating System and Release Information

Product Family	Product	System	Product Release		SAS Release
			Reported	Fixed*	Reported	Fixed*
SAS System	SAS Visual Analytics (on SAS 9.x)	Microsoft® Windows® for x64	7.51	7.52	9.4 TS1M7	9.4 TS1M8
		Linux for x64	7.51	7.52	9.4 TS1M7	9.4 TS1M8

* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.

Type:	Problem Note
Priority:	high

Date Modified:	2024-07-25 07:57:26
Date Created:	2024-07-05 00:17:57

Support

Problem Note 70876: SAS® Visual Analytics 7.51 and 7.52 contain a stored cross-site scripting (XSS) vulnerability

Operating System and Release Information

Follow Us

What is...