Previous Topic: XSS and BadCSSChars (144850)Next Topic: Custom .net Applications not working after IIS7 Web Agent Upgrade (144135)

Release NotesWeb Agent Release NotesDefects Fixedr12.0.3.09 Agents for IIS with ARR in Classic Pipeline Mode not Prompting for Credentials (154054)POST Preservation Data Security Vulnerablity (144792)

POST Preservation Data Security Vulnerablity (144792)

Symptom:

The Web Agent does not detect and block XSS script if the script is associated with POST preservation data in an .fcc file. The Web Agent does not encode the XSS chars either. Due to these issues, the script gets executed resulting in a a security vulnerability.

Solution:

This is no longer an issue.

STAR Issue: 20219379-01, 20455177-01