I am generating a WebHelp output for a web application using Flare 8.
My team runs a security scan on everything using an app called Cloudscan and it came up with what it deems a "critical" security flaw in the WebHelp output I gave them. Here is the text of the scanner message:
Issue: Cross-Site Scripting: DOM
Abstract: The method FMCPopup() in MadCapAll.js sends unvalidated data to a web browser on line 1, which can result in the browser executing malicious code.
Path, File, Line Start: "Webapp/ admin-web/ src/ main/ webapp/ uit/ WebHelp/ Content/ SkinSupport/ MadCapAll.js, 1"
I searched the KB and it looks like this particular flaw might have been addressed in a security patch for Flare 9, but upgrading Flare isn't an immediate option for us. Is anyone else familiar with this error, and is there anything we can do on our side to address it without upgrading Flare?
Critical security error
aguerriero