| Summary | WebGUI - Added fix for CoreServer Web Vulnerabilities |
| Platform | Windows |
| Category | bugfix |
| Valid for | 6.2.x, 6.3.x, 6.4.x |
| Requires | 1398, 1337 |
| Client Required Patch/es | |
| Supersedes | |
| Superseded by | |
| Affects | Server: Core |
| Last Updated | October 12, 2016 |
General Desciption: Fix for CoreServer Web Vulnerabilities Detailed Description: This patch will fix the vulnerability issues reported on the WebGUI.The Cross-Site Scripting (XSS) vulnerability, turning off of autocomplete in password fields, the vulnerability on the cookie not containing the "secure" and "HTTPONLY" attribute and csrf tokens implementation on forms as protection to CSRF attacks.
Unpack the zip file anywhere on the machine to patch. Run install.exe to start installation. Once the patch has been installed, you may delete the unpacked directory. NOTE: The patch must be installed by a user with administrator rights.
No corresponding Patches available.
Patch1419.zip