Date: December 9, 2013
A cross site scripting vulnerability has been identified in the released version of Enterprise Random Password Manager v4.83.7. This does not affect Random Password Manager v4.83.7. This fix will be included in future releases of ERPM.
Please use the following steps to download and replace the AddPasswordListPassword.asp file.
- Download AddPasswordListPassword.zip
- Extract the included file, AddPasswordListPassword.asp
- Replace the file in the ERPM website installation directory, typically %inetpub%\wwwroot\pwcweb
- Replace the file in the ERPM website distribution folder, typically %programfiles(x86)%\Lieberman\Roulette\WebInterfac e
There is no need to restart IIS.
Enterprise Random Password Manager (ERPM)