Skip to main content
  • Subscribe by RSS
  • Ex Libris Knowledge Center

    Security scans on Aleph 23 server complain about XSS Validation

    • Product: Aleph
    • Product Version: 23
    • Relevant for Installation Type: Dedicated-Direct, Direct, Local, Total Care


    Possible XSS vulnerability in Aleph 23 OPAC when using 'Multi-base" search.
    XSS vulnerabilities occur when the Web application echoes user-supplied data in an HTML response sent to the Web browser....

    [Complete text of Security Scan Report found in Internal Note (viewable only by EL staff).] 

    The /exlibris/aleph/u23_1/alephe/tab/tab100 has been set to Y: 


    Corrected by version 23 rep_change 2131, which will be included in Service Pack 23.1.2. 

    • Article last edited: 6-Jun-2017
    • Was this article helpful?