ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Does CVE-2012-6708 affect Messaging Gateway?

book

Article ID: 238014

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

Is SMG Control Center vulnerable to CVE-2012-6708 (jQuery XSS attacks)?

Cause

Older jquery library version -1.8.2.js 

Environment

Pre-patched SMG version 10.7.5 or older

Resolution

The version of jquery has been updated and released in a patch P291 (Patch 10.7.5-291).

Update to Messaging Gateway version 10.7.5 patch 291 to address CVE-2012-6708 (jQuery XSS attacks).

For general version 10.7.5 information, please refer - Messaging Gateway 10.7 release notes and late breaking news

For patch information, please refer to the following article: Installing and removing patches for Messaging Gateway