Code Fix: Incorrect execution of the “When the server loads the Form/View” rule
K2 Five 5.3 to 5.4
K2 Five (5.3) April 2020 Cumulative Update
K2 Five (5.3) April 2020 Cumulative Update Fix Pack 16 to K2 Five (5.4) Fix Pack 8
When you use the “When the server loads the Form/View” rule on a form or view, and you have a parameter with a script as the parameter value, the parameter is not encoded and the script executes using the form or view parameter.
The fix is available in the following K2 versions:
|K2 4.7 December 2019 Cumulative Update||K2 Five (5.0) December 2019 Cumulative Update||K2 Five (5.1) November 2018 Cumulative Update||K2 Five (5.2) May 2019 Cumulative Update||K2 Five (5.3) April 2020 Cumulative Update||K2 Platform Classic(5.4)|
|X||X||X||X||Fix Pack 16||Fix Pack 8|
- Ensure you have the correct K2 version and/or Cumulative Update installed. See KB001893 to see what Fix Pack level you have installed.
- Download the latest Fix Pack using the links in the table above for the version you require.
- Install the Fix Pack to apply the fix.