ProcessMaker Forum | BPM Workflow Simplified

workflow simplified
https://forum.processmaker.com/

XSS Vulnerability Processmaker 2.5.2

https://forum.processmaker.com/viewtopic.php?f=9&t=707420

Page 1 of 1

XSS Vulnerability Processmaker 2.5.2

Posted: Tue Nov 25, 2014 1:44 am
by ptmi1047
Hi Processmaker team,

I have a vulnerability scan report for Processmaker 2.5.2 which I got from our IT Security team. There are 3 vulnerability L5 found, it related to Reflected Cross-Site Scripting (XSS) Vulnerabilities as you can see in attached images.

It would be great if you can fix the vulnerability.


Thanks.

Re: XSS Vulnerability Processmaker 2.5.2

Posted: Tue Nov 25, 2014 8:43 am
by liliana
Hi,

Thanks for reporting this. Don't worry about this issue, this is being tested by our QA team and we are taking the necessary actions to solve this.

Regards!

Re: XSS Vulnerability Processmaker 2.5.2

Posted: Wed Nov 26, 2014 11:50 pm
by ptmi1047
Hi Liliana,

Please let me know if you have any updates on this.


Thanks.

Re: XSS Vulnerability Processmaker 2.5.2

Posted: Mon Jan 12, 2015 5:22 am
by ptmi1047
Hi Liliana,

Do you have any updates on this.


Thanks.

Re: XSS Vulnerability Processmaker 2.5.2

Posted: Mon Jan 12, 2015 8:45 am
by liliana
HI,

Yes, our dev. Team told us that this will be fixed in the next ProcessMaker version (next to v. 2.8 ).

An exact date of this release will be announced in next weeks.

Regards,

Re: XSS Vulnerability Processmaker 2.5.2

Posted: Fri Jan 23, 2015 5:43 am
by ptmi1047
Hi Liliana,

What version is it? V2.8?
All times are UTC-04:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/