Question
1
Replies
497
Views
EXPRESS SCRIPTS
Posted: July 13, 2018
Last activity: July 16, 2018
XML Stream mapping mode=literal severity warning which expose system to cross site scripting attacks
In V 7.2.2 XML Stream mapping mode=literal severity warning as below.
"Using "mode=literal" can expose the system to cross site scripting attacks - use with caution".
Installed HFIX-33128 yet this didn't resolve the issue.
Thanks,
shravan
***Edited by Moderator Marissa to update SR details**
Posted: 2 years ago
Hi SHRAVANR0960,
It looks like there are some post install steps for the hotfix in question. Can you try them:
After installing, run a Revalidate and Save (https://community1.pega.com/sites/pdn.pega.com/files/help_v731/procomhelpmain.htm#tools/revalidate/aboutrevalidation.htm) on all rules of type Rule-Obj-XML.