VERIFIED SOLUTION i

Security Vulnerabilities in Mail360 DM web url

Version: v3.1 and 4.0

Issue

Following is the list of vulnerabilities detected in Mail360 DM.

  1. Cross-Site Scripting 
  2. Dangerous File inclusion 
  3. Web Server Misconfiguration
  4. Session Fixation

Cause

Identified as the product defect.

Resolution

UPDATED: May 24, 2017
  1. Patch 3.1.0 S02 released to address 1, 2 and 3.
  2. Patch 4.0.0 S02 released to address 4.
The security patch can be downloaded from G1 Support site or contact client support for more information on patch download.