This is an old revision of this page, as edited October 12, 2019, 1:55 PM by pegasus(contribs). It may differ significantly from the current revision.
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.
Common Name None VWE-ID VWE-2019-5193 Related Report None Severity Template:Normal Severity XSS Exploit Difficulty Template:Medium XSS Platform Affects all platforms supported by the vulnerable versions. Description HTML/Javascript Injection. By leveraging XHR requests, users may be able to embed new HTML in the requested page or save content that is rendered as HTML, without appropriate permission.
Discovered May 6, 2019 Resolved June 7, 2019 Patches Available 4.0.26 Patch Level 1
4.0.25 Patch Level 3
4.0.24 Patch Level 5
4.0.23 Patch Level 7