Advisory 2023-03/05 Minor Security Issue in Workflow
Vulnerability type | Improper input validation |
Versions affected | FileCloud Versions 22.1 and earlier |
Version fixed | FileCloud Version 22.1.1 and later |
Description
FileCloud Versions 22.1 and earlier allowed workflows to save scripts that were copied and pasted into variables.
This vulnerability has been fixed in FileCloud Versions 22.1.1.20926 and later, which do not allow workflows to save script pasted into variables.
What you should do to fix this vulnerability
- If you are using FileCloud Server, it is recommended that you update to the latest version, which is 22.1.1.20926 or greater. This will resolve the issue.
- If you are using FileCloud Online, your site has already been updated to the latest version.
If you have any questions about this advisory, please contact FileCloud support.