Page 1 of 1

Online Help Security Scan Issue

Posted: Wed Mar 04, 2020 2:20 pm
by cynthiad
Hi Sabine,
This is an old problem. I recently upgraded to Ver 6. Do you know if it has been fixed in newer versions such as Ver 6? The problem is with jQuery. I read in the Ver 6 release notes that doc-to-help Upgraded the NetHelp CSS to jQuery UI 1.12.1. Has this fixed the problem? Please see old problem information below. Thanks in advance.

Thanks,
Cynthia Didio

--------------Some Background from the past------------
Online Help Security Scan Issue
Postby cynthiad on Mon Nov 05, 2018 10:14 am

HI,
I have a security issue.

We did a Vericode scan and the scan showed that the online documentation threw 27 Cross-Site Scripting errors. They all dealt with one javascript file which contains a JQuery cookie reference. We believe it’s the JQuery cookie reference that’s causing the Cross-Site Scripting errors.

Have you seen this issue? Can it be resolved?

Thanks,
Cynthia Didio

---------------------------------------------
Re: Online Help Security Scan Issue

Postby SKamprowski on Tue Nov 06, 2018 7:02 am
Subject: Online Help Security Scan Issue
SKamprowski wrote:Hi,

I suggest to do a test with current DocToHelp Version i.e. V5. I assume it doen't matter when you try it with a test Installation, best on another machine.
Kind regards,
Sabine Kamprowski
DocToHelp MVP (by ComponentOne)