Hi - We recently upgraded to Captivate 2019 to update some old video content. Our Fortify On-Demand (FOD) security scan has flagged two files with High and Critical security flaws. I've searched the forum but can't find any reference to these issues in a later version of Captivate. I had hoped that by upgrading we wouldn't have these issues.
We are using these HTML5 videos on our web site as standalone introductions to our app, not part of an LMS.
FILE: CPXHRLoader.js ISSUE: High severity Cross-Site Scripting: DOM on line 37. (Read g.href - Assignment to g.innerHTML)