Security update of the Kerberos assistant (MINDBREEZE32736)

ID: MINDBREEZE32736 
Affected Components: Mindbreeze  InSpire, Mindbreeze InSpire SaaS 
Severity: 4.5 medium 
Status: Final 
CVEs: MINDBREEZE32736 

Summary 

  • Missing HTML escaping in MMC Kerberos configuration may allow script execution in the browser window 

     

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

  • Mindbreeze InSpire 24.6 Hotfix 1 Release
  • Mindbreeze InSpire Saas 24.6 Hotfix 1 Release