Skip to main content
ExLibris

Knowledge Assistant

BETA
  • Subscribe by RSS
    • Back
    Aleph

     

    Ex Libris Knowledge Center
    1. Search site
      Go back to previous article
      2. Sign in
        • Sign in
        • Forgot password
    1. Home
    2. Aleph
    3. Knowledge Articles
    4. Security scans on Aleph 23 server complain about XSS Validation

    Security scans on Aleph 23 server complain about XSS Validation

    1. Last updated
    2. Save as PDF
    3. Share
      1. Share
      2. Tweet
      3. Share
    1. Description
    2. Resolution

    • Product: Aleph
    • Product Version: 23
    • Relevant for Installation Type: Dedicated-Direct, Direct, Local, Total Care

    Description

    Possible XSS vulnerability in Aleph 23 OPAC when using 'Multi-base" search.
    XSS vulnerabilities occur when the Web application echoes user-supplied data in an HTML response sent to the Web browser....

    [Complete text of Security Scan Report found in Internal Note (viewable only by EL staff).] 

    The /exlibris/aleph/u23_1/alephe/tab/tab100 has been set to Y: 
    XSS-VALIDATION=Y 

    Resolution

    Corrected by version 23 rep_change 2131, which will be included in Service Pack 23.1.2. 

    • Article last edited: 6-Jun-2017
    View article in the Exlibris Knowledge Center
    1. Back to top
      • Security scan flags OpenSSL/0.9.8za as security risk
      • Security vulnerability issues – Basic troubleshooter
    • Was this article helpful?

    Recommended articles

    1. Article type
      Topic
      Language
      English
      Product
      Aleph
    2. Tags
      1. contype:kba
      2. Prod:Aleph
    1. © Copyright 2024 Ex Libris Knowledge Center
    2. Powered by CXone Expert ®
    • Term of Use
    • Privacy Policy
    • Contact Us
    2024 Ex Libris. All rights reserved