| Info |
|---|
Latest update date of this article: |
General information
Two XSS vulnerabilities have been discovered in Nexus Digital Access.
...
A patch version has been released to fix the XSS vulnerabilities in Digital Access 6.8.x. This version is called Digital Access 6.8.1 and it is available for download through the Support Portal (or by upgrading the versiontag.yml in the Docker Swarm setup). The version includes fixes for two XSS vulnerabilities, and it is highly recommended to upgrade to this release. See Release Notes Digital Access 6.8.1 for more information.
Patch versions will be made available as they are completed in are available for the remaining minor versions still in support. This article will be updated when these :
Digital Access component version 6.7.4
Digital Access component version 6.6.2
Digital Access component version 6.5.3
The versions are available for download from the Support Portal (or the suggested method to upgrade versiontag.yml).
These releases also contain fixes for less critical vulnerabilities that have been discovered after the release of the previous maintenance version in that minor release. See the respective release notes (linked above in the bullet list) for the contents of each version.
If upgrade to a patched version can not be completed currently, see the steps below to manually avoid the vulnerabilities.
...