Funnelback patch 15.8.0.33
-
Released: 2019-09-13
-
Applies to: v15.8.0
-
Internal reference: RNDSUPPORT-3041
Description
-
Prevent XSS AngularJS sandbox bypassing injection in Freemarker templates by inserting zero-width whitespace between consecutive open-curly-brackets.
-
Please note, this patch was retracted due to incomplete solution causing template errors when used with certain Freemarker escaping modes. The 15.8.0.34 patch, which addresses this issue, should be used instead.