XML Stream mapping mode=literal severity warning which expose system to cross site scripting attacks

Question

Replies

511

Views

SHRAVANR0960

Member since 2017

1 post

EXPRESS SCRIPTS

Closed

XML Stream mapping mode=literal severity warning which expose system to cross site scripting attacks

In V 7.2.2 XML Stream mapping mode=literal severity warning as below.
"Using "mode=literal" can expose the system to cross site scripting attacks - use with caution".

Installed HFIX-33128 yet this didn't resolve the issue.

Thanks,

shravan

***Edited by Moderator Marissa to update SR details**

Security

Support Case Exists

Br@dTainter_GCS

PEGA

replied to SHRAVANR0960

Hi SHRAVANR0960,

It looks like there are some post install steps for the hotfix in question. Can you try them:

After installing, run a Revalidate and Save (https://community1.pega.com/sites/pdn.pega.com/files/help_v731/procomhelpmain.htm#tools/revalidate/aboutrevalidation.htm) on all rules of type Rule-Obj-XML.

Personalized tools to propel your success

Contact a moderator

Question

XML Stream mapping mode=literal severity warning which expose system to cross site scripting attacks

About Pegasystems

Related content:

Question

XML Stream mapping mode=literal severity warning which expose system to cross site scripting attacks

About Pegasystems

We'd prefer it if you saw us at our best.