Issue Description

When you have embedded links within a Form, they become vulnerable to Cross-Site-Scripting.

Resolution

The fix is available in:

• K2 Five (5.4) March 2022 Cumulative Update Fix Pack 21.
• K2 Five (5.5) March 2022 Cumulative Update Fix Pack 29.
• K2 Five (5.6) Fix Pack 21.

1. Ensure you have the correct K2 version and/or Cumulative update installed. See KB001893 to see what Fix Pack level you have installed.
2. Download the latest Fix Pack using the links in the table above for the version you require.
3. Install the Fix Pack to apply the fix.