Issue Description
When you use the Out of Office function in the Worklist Control and configure an Out of Office exception rule, a stored XSS vulnerability can be triggered in the exception rule form.
Resolution
The fix is available in:
- Nintex Automation K2 (5.9) Fix Pack 09.
- Ensure you have the correct K2 version and/or Cumulative update installed. See KB001893 to see what Fix Pack level you have installed.
- Download the latest Fix Pack using the links in the table above for the version you require.
- Install the Fix Pack to apply the fix.
- It is recommended to clear browser cache and refresh the page.