Problem Note 70876: SAS® Visual Analytics 7.51 and 7.52 contain a stored cross-site scripting (XSS) vulnerability
Severity: High
Description: SAS Visual Analytics 7.51 and 7.52 contain a stored cross-site scripting (XSS) vulnerability that allows JavaScript code to be injected via a certain POST request and executed on browser.
Potential Impact: Users might unknowingly execute malicious code.
Click the Hot Fix tab in this note for a link to instructions about accessing and applying the software update.
Operating System and Release Information
SAS System | SAS Visual Analytics (on SAS 9.x) | Microsoft® Windows® for x64 | 7.51 | 7.52 | 9.4 TS1M7 | 9.4 TS1M8 |
Linux for x64 | 7.51 | 7.52 | 9.4 TS1M7 | 9.4 TS1M8 |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
Type: | Problem Note |
Priority: | high |
Date Modified: | 2024-07-25 07:57:26 |
Date Created: | 2024-07-05 00:17:57 |