# Cross-Site Scripting Vulnerability

This document explains the **Cross-site Scripting Vulnerability** on the DomainList page under proxy settings as reported by **Walter**.

### What was the problem?

This vulnerability allows unauthenticated users to perform stored XSS via `pageType` and `urlType` parameters which helps to perform further operations.

### How do I fix it?

This has been identified and fixed in **Endpoint Central build 10.0.585**. To apply this fix, please follow the steps below:

1. Log in to your Endpoint Central console, click on your current build number on the top-right corner.
2. You'll be able to find the latest build applicable to you. Download the PPM and update.

**Keywords:** Security Updates, Vulnerabilities, validatedUrls.do