Security Update - A potential misuse of the "Send To Email" functionality
Subject: A potential misuse of the "Send To Email" functionality
Overview
Ex Libris was notified of an issue regarding the potential to misuse the multiple recipient mail functionality in Primo.
A potential misuse of the "Send To Email" functionality can result in multiple e-mails being sent from Primo to a long list of recipients.
Effective Security Severity Level:
Medium
Affected Systems:
Primo
Tests and Certifications:
The mitigation for this issue has been identified.
Actions Taken for Hosted Systems:
Ex Libris has implemented a solution for our cloud customers to protect against misuse of the Send To Email functionality so that patrons will not be able to use this function to send emails to multiple recipients.
Required Actions for On-Premises and Local Systems:
Primo customers with on-premise implementations can find instructions for preventing misuse of this functionality on the Knowledge Center.
We are working on a comprehensive solution as part of the Primo August release.