

 

Symptoms


We found this vulnerability for SQL Injection for version 4.6.7 and wanted to know if it applies to 4.6.6 as well.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7299
https://packetstormsecurity.com/files/cve/CVE-2015-7299

If it does then we need to make plans to address this exploit and also plan an upgrade.

 

Diagnoses


We are always updating the security on our versions of K2.
 

Resolution

It is possible that if the vulnerability existed in 4.6.7, it might also be available in prior versions of K2. We have been making some improvements to the security in the new releases of K2, especially in 4.6.8 and 4.6.9. We are on 4.6.11, so I would strongly recommend upgrading to at least 4.6.10.
 




 