Insight App Designer and Apps Overview: XSS via Inclusion of External Script (MINDBREEZE30948)

Affected Components: Mindbreeze InSpire G7, Mindbreeze InSpire SaaS 
Severity: 6.5 Medium 
Status: Final 
First published: May 15, 2024 


  • Insight App Designer XSS and Apps: via Inclusion of External Script via URL Parameter


Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

  • Mindbreeze InSpire 24.2 Hotfix 1 Release 
  • Mindbreeze InSpire SaaS 24.2 Hotfix 1 Release