Previous Topic: Possible Locale and File Name Case-Sensitivity in Localized FCC Forms (CQ136679, CQ136482)Next Topic: Password Change Links not Embedded in FCC Files use Different Syntax (CQ133285)

Release NotesWeb Agent Release NotesDefects FixedDefects fixed in r12.0 SP3 CR4 through CR7CSS Vulnerability with FCCs Corrected (CQ143044, 139648)

CSS Vulnerability with FCCs Corrected (CQ143044, 139648)

Symptom:

SiteMinder FCC URLs were vulnerable to cross-site-scripting.

Solution:

The values used by the BadFormChars agent configuration parameter were updated. This issue is fixed.

STAR Issue: 20340892:01