Issue Description
When you have embedded links within a Form, they become vulnerable to Cross-Site-Scripting.
Resolution
The fix is available in:
- K2 Five (5.4) March 2022 Cumulative Update Fix Pack 21.
- K2 Five (5.5) March 2022 Cumulative Update Fix Pack 29.
- K2 Five (5.6) Fix Pack 21.
- Ensure you have the correct K2 version and/or Cumulative update installed. See KB001893 to see what Fix Pack level you have installed.
- Download the latest Fix Pack using the links in the table above for the version you require.
- Install the Fix Pack to apply the fix.