VERIFIED SOLUTION i

How to address security vulnerabilities in EngageOne Delivery Audit 4.0 and Mail360 Data Manager version 3.1

The same product used to be called Mail360 Data Manager up thru version 3.1, then was renamed EngageOne Delivery Audit beginning with version 4.0


A Security scan of the Mail360 Data Manager and EngageOne Delivery Audit applications have detected the following Security Vulnerabilities, depending on the version used..
  1. Cross-Site Scripting
  2. Dangerous File inclusion
  3. Web Server Misconfiguration
  4. Session hijacking vulnerability (session fixation attack)
A patch is release for both the versions to address the above mentioned Security Vulnerabilities.
  1. For Mail360 Data Manager v3.1 - Apply patch 3.1.0 S02 released to address items 1, 2 and 3.
  2. For EngageOne Delivery Audit v4.0 - Apply patch 4.0.0 S02 released to address items 1 thru 4.
Login to www.g1.com/support or contact Pitney Bowes Software Support to download the patch.
 
UPDATED:  November 6, 2017