ADSelfService Plus 6104 released with an important security fixes
We are glad to announce the release of build 6104 with the following vulnerability issue fixes:
Vulnerability issue fixes:
- A vulnerability that in rare cases allowed bypassing CAPTCHA in the ADSelfService Plus login page has been fixed.
- A rare Cross-Site Scripting attack vulnerability in the e-mail address field used in the employee search feature has been fixed. (Reporter: Matt CVE-ID: CVE-2021-27956))
- A vulnerability that in rare cases can cause Reflected Cross-Site Scripting attacks has been fixed.
- A vulnerability that in rare cases let attackers expose information about the database application configured for password sync has been fixed [CVE-2021-31874].
- A vulnerability that in rare cases let attackers bypass the ADSelfService Plus' admin portal access restriction based on IP addresses has been fixed.
New to ADSelfService Plus?
Download the fully functional 30-day free trial now.
ADSelfService Plus Team
Toll Free: +1-84-245-1104