Cross-Site Scripting Vulnerability

This document explains the Cross-site Scripting Vulnerability on the DomainList page under proxy settings reported by Walter.

What was the problem?

This vulnerability allows authenticated users to perform stored XSS via pageType and urlType parameters which helps to perform further operations.

How do I fix it?

This has been identified and fixed in Desktop Central build 10.0.585. To apply this fix, please follow the steps below:

  1. Log in to your Desktop Central console, click on your current build number on the top-right corner.
  2. You'll be able to find the latest build applicable to you. Download the PPM and update.
  3.  

    Keywords: Security Updates, Vulnerabilities, validatedUrls.do