Tchater maintenant avec le support
Tchattez avec un ingénieur du support
Outils libre-service
Base de connaissances
Mon compte
Notifications et alertes
Support produits
Téléchargements de logiciels
Documentation technique
Forums utilisateurs
Didacticiels vidéo
Flux RSS
Les essentiels du support
Prix et témoignages
Contrat de licence
Guide du support

Identity Manager Notification sur les produits

Retour
Alertes critiques
Vulnerability in DOMPurify in One Identity Manager 8.2.x and 9.x local HTML5 documentation.
 
How does this affect me?
When installing the Identity Manager Client Tools, there is an option to install a local HTML copy of the product documentation on the target server. The install is also done by default on servers hosting Identity Manager Web Applications.  
 
This documentation was created using 3rd party software where recently a vulnerability in component DOMPurify version 1.0.11 has been detected.
Resolution
Version specific Hotfixes have been created to address this issue. A transport package is provided to install the hotfix.
 
It is recommended all customers on versions 8.2.x and above install the hotfixes on any servers hosting Identity Manager Web Applications, or that have the optional documentation installed. For more information and to download the hotfix, please see KB 4374509.
 
This issue will be resolved in all future releases.
 
We apologize for the inconvenience this issue may have caused.