zia bot

Zia Bot request creation XSS issue in 14506 and above

Issue: Script gets executed in request details page when a script content is given in the description field while creating requests via Zia Bot. Issue occurs due to a breakage in v14506 .

Fix: Sanitize the description field during request creation through Zia Bot.

Instructions:
->Create a folder named "fixes" under <SDP-HOME> if not exists (Ex.,<Installation Folder>\ManageEngine\ServiceDesk\)directory. 
->Inside the "fixes" folder (<SDP-HOME>/fixes) paste the "14506_XSS_Ziabot.fjar" attached in this article.
->Restart the Application service.

Build compatibility: 14506 
For any other build no above 14506, kindly contact developer team before providing the fjar.

Issue ID: SD-119008



      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial
                  Start your free trial

                    • Related Articles

                    • Link Support for Zia Bot Message View Custom Function

                      Issue: Unable to show link in Zia Bot using Zia Bot's Custom Function (Message View) Fix: Link Support Provided Ex: Custom Function deluge Code: return {"display_message": "[Test Link](https://www.google.com)"}; Compatible only for 14500 ...

                    • Zia Approval / Request Reopen prediction fails due to the presence of Email Classification Headers

                      Issue: Zia Approval / Request Reopen prediction fails when the reply mails have Email Classification Header contents in it. Disclaimer: For eliminating Email Classification Headers while processing approval / reopen reply mails for Zia prediction, we ...

                    • Zia prediction failure due to security statements at the front of email content

                      Issue: Zia approval prediction fails when security statements are present at the starting of the mail content. Since we consider the first 100 characters and 2 sentences from the content, the approval comment given by the user was not considered due ...

                    • Zia-prerequisites

                      Dear Users, From Supportcenter Plus build 14300, if you are using Windows OS and, Visual C++ 2019 (or higher) Redistributable is not installed on your machine, Zia Approval / Request Reopen / Category & Template Prediction will be disabled by ...

                    • Zia-prerequisites

                      Dear Users, From ServiceDeskPlus MSP build 14300, if you are using Windows OS and, Visual C++ 2019 (or higher) Redistributable is not installed on your machine, Zia Approval / Request Reopen / Category & Template Prediction will be disabled by ...

                      Related Products