cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
1
Upvote

Insecure Randomness security vulnerability in RoboHelp Version 2020.7.46

jenniferc89874448
Explorer ,
May 03, 2022 May 03, 2022

Copy link to clipboard

Copied

Our Security team performed a Fortify SCA scan of our source code and found some security vulnerabilities relating to some of our RoboHelp files. I need help fixing this issue. Only related post I saw was a suggested patch for RH 2015. 

 

The files that are problematic are common.min.js, layout.min.js, rh.min.js, and topic.min.js. 

 

Can anyone help?

Views

693

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 28 Replies 28
latest latest Jump to latest reply
Peter Grainge Community Expert
Community Expert ,
Sep 07, 2022 Sep 07, 2022

Copy link to clipboard

Copied

Old files on the server is what @Amebr was pointing at in her post.

________________________________________________________

My site www.grainge.org includes many free Authoring and RoboHelp resources that may be of help.

 

Help others by clicking Correct Answer if the question is answered. Found the answer elsewhere? Share it here. "Upvote" is for useful posts.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Sleant
Participant ,
Sep 08, 2022 Sep 08, 2022

Copy link to clipboard

Copied

LATEST
In Response To Peter Grainge

Absolutely! Thank you as always, Peter.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Amebr Community Expert
Community Expert ,
Sep 07, 2022 Sep 07, 2022

Copy link to clipboard

Copied

@Sleant if you have those files in your project source, it probably means that at some point someone accidentally generated the output into the source folder. Do you know if that was detected and cleaned up? If not, you might have some additional things to double-check .

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Sleant
Participant ,
Sep 08, 2022 Sep 08, 2022

Copy link to clipboard

Copied

In Response To Amebr

You're always right 🙂 What I didn't know was that the culprit could be from the source file (.../sourcefiles/contents/assets/js/*). I kept thinking it was the published files and folders. You're comment definitely guided me through my though process, so thank you as always.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
RoboHelp Documentation
RoboHelp User Guide
Download Adobe RoboHelp
Download for all available Updates
Copyright © 2023 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices