# Security Updates on Vulnerabilities

## Cross Site Scripting Vulnerability (XSS)

This document will explain you about the Vulnerability, which allows remote attackers to inject client-side script into Endpoint Central's web page. You can find more details on its impact in Endpoint Central, and the steps to be followed to get it fixed.

| Vulnerability | Update Released Build | Update Released Date |
|---|---|---|
| Cross Site Scripting | 90128 | Jan 22nd 2015 |
| Multiple Cross Site Scripting vulnerabilities has been fixed | 92026 | Mar 9th 2016 |

### What was the Problem?

This vulnerability allows remote attackers to inject client-side script into Endpoint Central's web page.

### How do I fix it?

This has been identified and fixed in the Endpoint Central build **92026**. [Upgrade](https://www.manageengine.com/products/desktop-central/service-packs.html) to the latest build for this issue to be fixed.

**Keywords:** Security Updates, Vulnerabilities and Fixes, Cross Site Scripting (XSS)

[Knowledge Base](https://www.manageengine.com/products/desktop-central/knowledge-base.html)