Copy link to clipboard
Copied
Our IT team use HP Fortify scanner to verify webhelp content created from RH 2017 (13.0.2.334) which identified 15 Cross site scripting vulnerabilities along with 3 dynamic code evaluation and one open redirect flaw. This is in a small help file of approx 50 pages!
Looking in this forum this seems to be a long running issue with RH over a number of versions.
Adobe help suggested upgrade to 2019 free trial version - which i did, but majority of issues remain unresolved. Latest communication from Adobe says they acknowledge the bug and will look to fix on a future release. That really doesn't help when we have products due for launch imminently where i am supplying the help content and our IT team will not allow the files to be used -and also existing help files in live products are now likely to be withdrawn.
I am not technically savvy, but these issues seem to be very serious and the continual solution seems to be "Buy the latest version" - indicating no appetite for fixing currently owned software?
Does anyone have a solution which can be implemented as i believe happened with RH 11 or 2015 versions?
Thanks
Copy link to clipboard
Copied
Hi Phil England,
would you mind sharing the HP Fortify report directly with the specialized Adobe Technical Communication support (tcssup@adobe.com)? Please put me on CC (please see my Private Forum message for my email address).
Kind regards,
Stefan Gentz