Security Updates
ID | Description |
|---|---|
1324866 | Fixed a Broken Access Control vulnerability and removed the onclick event for the disabled button in Audit web interface, that could lead to unauthorized information disclosure, modification or performing an activity outside the userās limits. |
1324866 | Sanitized user inputs and added error messages in the Document Checkout comments for eCase Audit to prevent stored XSS attacks and ensured proper escaping of rendered content in the Action History Log. |
1324561 | Addressed a security vulnerability where predictable and incrementable request parameters allowed unauthorized enumeration of documents. Ensured proper authorization checks are enforced to prevent exposure, discovery, modification, or deletion of sensitive files accessible through this endpoints. |