Issue Description
When you enable the 'Prevent XSS' property on the data label, it is only working partially and you are still able to get the data label in a list view to execute the script.
Resolution
The fix is available in:
- Nintex Automation (5.7) Fix Pack 19.
- Ensure you have the correct K2 version and/or Cumulative update installed. See KB001893 to see what Fix Pack level you have installed.
- Download the latest Fix Pack using the links in the table above for the version you require.
- Install the Fix Pack to apply the fix.
- It is recommended to clear browser cache and refresh the page.