eDiscovery Platform is potentially vulnerable to Stored Cross-Site Scripting

book

Article ID: 100048525

calendar_today

Updated On:

Description

Error Message

N/A

Cause

The end user must have malicious intent with programming knowledge and has been granted logon access to the eDP web pages.

Resolution

This issue is currently under investigation by Veritas Technologies LLC. Pending the outcome of the investigation, this issue may be resolved by way of a patch or hotfix in current or future revisions of the software. However, this particular issue is not currently scheduled for any release. If you feel this issue has a direct business impact for you and your continued use of the product, please contact your Veritas Sales representative or the Veritas Sales group to discuss these concerns.

Note: Customers experiencing this issue are encouraged to contact Veritas Technical Support as data is still being collected to assist in resolving this issue.

Issue/Introduction

A user with access to the eDiscovery Platform product can introduce 'Cross-Site' scripting into the product which can redirect an end-user to a different web page.

Additional Information

JIRA: ESA-55837

Was this article helpful?

thumb_up Yes

thumb_down No

Welcome to "KB Articles"