Lodash Security Update (MINDBREEZE26382)

ID: MINDBREEZE26382 
Affected Components: Mindbreeze InSpire 
Severity: 7.3 High 
Status: Final 
First published: March 15, 2023 
CVEs: CVE-2021-23337, CVE-2020-28500, CVE-2020-8203, CVE-2019-1010266, CVE-2019-10744, CVE-2018-16487 

Summary

Possible XSS and DoS in the Lodash library.

Hotfix Information

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 23.1 Release (Version 23.1.0.410) 

• Mindbreeze InSpire Saas 23.1 Release (Version 23.1.0.410)