This topic has 2 replies, 2 voices, and was last updated 5 years, 4 months ago by hkworker2002. Author Posts August 26, 2015 at 12:22 pm #5297 hkworker2002Participant After security vulnerability, it was reported that following CSS vulnerability is discovered in OpenAM 12. Can anyone confirm if this is valid and any resolution, workaround? Thanks. Affected URL: /sso/console/ajax/AjaxProxy.jsp Risk Level: Medium Finding and Vulnerability Description: This script is possibly vulnerable to Cross Site Scripting (XSS) attacks. Recommendation: The script should filter metacharacters from user input. August 27, 2015 at 9:36 pm #5311 Neil MaddenParticipant Please report suspected security issues to the [email protected] mailing list. September 10, 2015 at 4:57 am #5427 hkworker2002Participant Already reported for a week but get no response. Not sure if anyone is following up this case or ignored by mail. Author Posts Viewing 3 posts - 1 through 3 (of 3 total) You must be logged in to reply to this topic.