K2 identified an issue regarding insecure deserialization that affects all Endpoint SmartObject Service Types. For more information see KB003329 - Behavioral change in K2 Endpoint Service Types.
The fix is available in the following K2 versions:
K2 4.7 March 2018 Cumulative Update | K2 Five (5.0) September 2018 Cumulative Update | K2 Five (5.1) November 2018 Cumulative Update | K2 Five (5.2) May 2019 Cumulative Update | K2 Five (5.3) |
---|---|---|---|---|
Fix Pack 51 | Fix Pack 18 | Fix Pack 22 | Fix Pack 13 | Fix Pack 18 |