ERPM Cross Site Scripting in version 4.83.7

Follow

Version: 1.0
Date: December 9, 2013

Problem

A cross site scripting vulnerability has been identified in the released version of Enterprise Random Password Manager v4.83.7. This does not affect Random Password Manager v4.83.7. This fix will be included in future releases of ERPM.

Resolution

Please use the following steps to download and replace the AddPasswordListPassword.asp file.

  1. Download AddPasswordListPassword.zip
  2. Extract the included file, AddPasswordListPassword.asp
  3. Replace the file in the ERPM website installation directory, typically %inetpub%\wwwroot\pwcweb
  4. Replace the file in the ERPM website distribution folder, typically %programfiles(x86)%\Lieberman\Roulette\WebInterfac e
  5. Done.


There is no need to restart IIS.

Applies To

Enterprise Random Password Manager (ERPM)

Was this article helpful?
0 out of 0 found this helpful

Comments

Powered by Zendesk