
Insecure Randomness security vulnerability in RoboHelp Version 2020.7.46

Explorer, May 03, 2022

Our Security team performed a Fortify SCA scan of our source code and found some security vulnerabilities relating to some of our RoboHelp files. I need help fixing this issue. Only related post I saw was a suggested patch for RH 2015. 

 

The files that are problematic are common.min.js, layout.min.js, rh.min.js, and topic.min.js. 

 

Can anyone help?

Community Expert, Sep 07, 2022

Old files on the server is what @Amebr was pointing at in her post.

________________________________________________________

My site www.grainge.org includes many free Authoring and RoboHelp resources that may be of help.

 

Help others by clicking Correct Answer if the question is answered. Found the answer elsewhere? Share it here. "Upvote" is for useful posts.
Participant, Sep 08, 2022

Absolutely! Thank you as always, Peter.

Community Expert, Sep 07, 2022

@Sleant if you have those files in your project source, it probably means that at some point someone accidentally generated the output into the source folder. Do you know if that was detected and cleaned up? If not, you might have some additional things to double-check.

Participant, Sep 08, 2022

You're always right 🙂 What I didn't know was that the culprit could be from the source file (.../sourcefiles/contents/assets/js/*). I kept thinking it was the published files and folders. Your comment definitely guided me through my thought process, so thank you as always.
