Zia Bot request creation XSS issue in 14506 and above
Issue: Script gets executed in request details page when a script content is given in the description field while creating requests via Zia Bot. Issue occurs due to a breakage in v14506 .
Fix: Sanitize the description field during request creation through Zia Bot.
Instructions:
->Create a folder named "fixes" under <SDP-HOME> if not exists (Ex.,<Installation Folder>\ManageEngine\ServiceDesk\)directory.
->Inside the "fixes" folder (<SDP-HOME>/fixes) paste the "14506_XSS_Ziabot.fjar" attached in this article.
->Restart the Application service.
Build compatibility: 14506
For any other build no above 14506, kindly contact developer team before providing the fjar.
Issue ID: SD-119008
New to ADSelfService Plus?