Code Fix: XSS vulnerability occurs before logging into K2

  • 31 October 2023
  • 0 replies

Badge +4

Issue Description

When you navigate to the K2 site login page, a vulnerability occurs via the ‘_debug’ parameter.


The fix is available in:

  1. Ensure you have the correct K2 version and/or Cumulative update installed. See KB001893 to see what Fix Pack level you have installed.
  2. Download the latest Fix Pack using the links in the table above for the version you require.
  3. Install the Fix Pack to apply the fix.
  4. It is recommended to clear browser cache and refresh the page.

0 replies

Be the first to reply!