RSSO Non-Persistent Cross-Site Scripting (XSS) security vulnerability

Version 1
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    Remedy Single Sign On


    COMPONENT:

    Remedy Single Sign On


    APPLIES TO:

    Remedy Single Sign-On (RSSO) 18.02 or earlier



    PROBLEM:

    It was found during security testing that RSSO is vulnerable to Non-Persistent Cross-Site Scripting (XSS) security vulnerability.  How can the security issue be addressed?


    CAUSE:

    Discovered security vulnerability defect # DRSMX-12593


    SOLUTION:

    - Upgrade to RSSO 18.05 or later version as the security issue has been resolved. 
    - The issue only exists in 18.02 or earlier versions.


    Article Number:

    000175246


    Article Type:

    Solutions to a Product Problem



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles