cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

Cross site scripting errors in RoboHelp 8.0

Guest
Oct 04, 2010 Oct 04, 2010

Copy link to clipboard

Copied

We are using Robohelp 8.02, generating webhelp for a web application. Development just started to use Fortify to identify security vulnerabilities. The Fortify software found 17 Robohelp htm files with cross-site scripting security holes. We are NOT using RoboHelp Server 8.

Before creating this posting, I searched the forums and found one post from Feb 2010 (Beware -serious - cross site scripting errors in Robohelp 8.0).

From reading that posting, it appears that an Adobe engineer was involved----I'm not clear on the final outcome for this issue.

Any additional information on the final resolve for this issue would be helpful.

Thanks,

Beware - serious breach - cross site scripting errors in RoboHelp 8.0

Views

687

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 5 Replies 5
latest latest Jump to latest reply
Peter Grainge Community Expert
Community Expert ,
Oct 04, 2010 Oct 04, 2010

Copy link to clipboard

Copied

The previous poster indicated that Tulika, who I can confirm is an Adobe engineer, stated "when she reviewed the code that was triggering the Fortify cross site scripting errors, she came to the conclusion that it was not actually harmful." The poster also indicated their opinion was the other errors were minor.

That seems clear enough so I wonder what value is anything that anyone here can add? The forum responses are from other users and I would have thought any further assurance beyond the above is something your management would want to come from Adobe.

I have not seen anything on these forums indicating that any attack has been triggered.

See www.grainge.org for RoboHelp and Authoring tips

@petergrainge

Help others by clicking Correct Answer if the question is answered. Found the answer elsewhere? Share it here. "Upvote" is for useful posts.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Peter Grainge Community Expert
Community Expert ,
Oct 04, 2010 Oct 04, 2010

Copy link to clipboard

Copied

In Response To Peter Grainge

On further consideration, maybe your management would want to take this up with Fortify? They are the ones claiming there is a risk.

A few days ago Norton told me some software I was going to use was very dangerous. It seems that claim was based on characteristics and when they tested it properly, Norton advised it was safe to use!

See www.grainge.org for RoboHelp and Authoring tips

@petergrainge

Help others by clicking Correct Answer if the question is answered. Found the answer elsewhere? Share it here. "Upvote" is for useful posts.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Oct 05, 2010 Oct 05, 2010

Copy link to clipboard

Copied

In Response To Peter Grainge

Thanks for your response.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Peter Grainge Community Expert
Community Expert ,
Oct 19, 2010 Oct 19, 2010

Copy link to clipboard

Copied

In Response To Deleted User

Barbc11

You should look at this.

http://www.adobe.com/support/security/bulletins/apsb10-23.html

See www.grainge.org for RoboHelp and Authoring tips

@petergrainge

Help others by clicking Correct Answer if the question is answered. Found the answer elsewhere? Share it here. "Upvote" is for useful posts.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Oct 19, 2010 Oct 19, 2010

Copy link to clipboard

Copied

LATEST
In Response To Peter Grainge

Thanks very much for the link. I appreciate the information.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
RoboHelp Documentation
RoboHelp User Guide
Download Adobe RoboHelp
Download for all available Updates
Copyright © 2023 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices