立即与支持人员聊天
与支持团队交流
自助服务工具
知识库
我的帐户
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
RSS订阅源
支持基本要素
奖项和客户评价
许可协议
支持指南

Identity Manager 产品通知

返回
Critical Alerts
Vulnerability in DOMPurify in One Identity Manager 8.2.x and 9.x local HTML5 documentation.
 
How does this affect me?
When installing the Identity Manager Client Tools, there is an option to install a local HTML copy of the product documentation on the target server. The install is also done by default on servers hosting Identity Manager Web Applications.  
 
This documentation was created using 3rd party software where recently a vulnerability in component DOMPurify version 1.0.11 has been detected.
Resolution
Version specific Hotfixes have been created to address this issue. A transport package is provided to install the hotfix.
 
It is recommended all customers on versions 8.2.x and above install the hotfixes on any servers hosting Identity Manager Web Applications, or that have the optional documentation installed. For more information and to download the hotfix, please see KB 4374509.
 
This issue will be resolved in all future releases.
 
We apologize for the inconvenience this issue may have caused.