Skip to main content

Issue Description

When you enable the 'Prevent XSS' property on the data label, it is only working partially and you are still able to get the data label in a list view to execute the script.

Resolution

The fix is available in:

  1. Ensure you have the correct K2 version and/or Cumulative update installed. See KB001893 to see what Fix Pack level you have installed.
  2. Download the latest Fix Pack using the links in the table above for the version you require.
  3. Install the Fix Pack to apply the fix.
  4. It is recommended to clear browser cache and refresh the page.
Be the first to reply!

Reply