cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

The whtopic.js file was identified as a security threat

Guest
Aug 25, 2013 Aug 25, 2013

Hello,

We generate WebHelp using RoboHelp HTML. The security teams contantly runs security checks on the applications and the whtopic.js file that RoboHelp generates was identified as a security threat becuase of "DOM ocde injection". The comment was that the document.location.href is controllable and, at a minimum, ought to be run through some html encoding.

Any one else ever run into security analysis of the RoboHelp generated files?

Anything we can do about it?

Thanks,

Rakefet

599
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 2 Replies 2
latest latest Jump to latest reply
Guest
Aug 25, 2013 Aug 25, 2013

Just to add, we are using Robohelp 9.0.2.271.

I saw

Vulnerability identifier: APSB11-23

CVE number: CVE-2011-2133

but it seems to be realted to an earlier version and should be OK in the version that we have.

I tried to replace the mentioned files but could not see the change.

Thanks,

Rakefet

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Willam van Weelden
LEGEND ,
Aug 28, 2013 Aug 28, 2013
LATEST
In Response To Deleted User

These security things sometimes come up in tools. As the code here doesn’t have anything to do with cross frame scripting, so I very much doubt this is an XSS vulnerability. I have asked the people who know about this to look it over.

Greet,

Willam

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
RoboHelp Documentation
RoboHelp User Guide
Open in a new window
Download Adobe RoboHelp
Download for all available Updates
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices