Our IT team use HP Fortify scanner to verify webhelp content created from RH 2017 (126.96.36.1994) which identified 15 Cross site scripting vulnerabilities along with 3 dynamic code evaluation and one open redirect flaw. This is in a small help file of approx 50 pages!
Looking in this forum this seems to be a long running issue with RH over a number of versions.
Adobe help suggested upgrade to 2019 free trial version - which i did, but majority of issues remain unresolved. Latest communication from Adobe says they acknowledge the bug and will look to fix on a future release. That really doesn't help when we have products due for launch imminently where i am supplying the help content and our IT team will not allow the files to be used -and also existing help files in live products are now likely to be withdrawn.
I am not technically savvy, but these issues seem to be very serious and the continual solution seems to be "Buy the latest version" - indicating no appetite for fixing currently owned software?
Does anyone have a solution which can be implemented as i believe happened with RH 11 or 2015 versions?
would you mind sharing the HP Fortify report directly with the specialized Adobe Technical Communication support (firstname.lastname@example.org)? Please put me on CC (please see my Private Forum message for my email address).