Issue Description
When you use the 'Navigate to URL' SmartForms action, you may discover that it is vulnerable to stored and reflected cross-site scripting (XSS) attacks.
Resolution
The fix is available in:
- K2 Five (5.6) Fix Pack 44.
- Nintex Automation (5.7) Fix Pack 25.
- Ensure you have the correct K2 version and/or Cumulative update installed. See KB001893 to see what Fix Pack level you have installed.
- Download the latest Fix Pack using the links in the table above for the version you require.
- Install the Fix Pack to apply the fix.