Notification templates can't be modified after the upgrade
Technical Articles ID:
KB82947
Last Modified: 12/10/2020
Last Modified: 12/10/2020
Notification templates can't be modified after the upgrade
Technical Articles ID:
KB82947
Last Modified: 12/10/2020 Environment
McAfee Security for Microsoft Exchange (MSME) 8.5 Microsoft Windows 2012, Microsoft Exchange 2013, 2010 SP2, 2007 SP3 For supported environments, see KB82890 - Supported platforms for Security for Microsoft Exchange 8.5.x. ProblemWhen you upgrade from MSME 7.6 Patch 1 or MSME 8.0 to version 8.5, you see that notification templates in the MSME console can't be modified. The notification templates are under Settings
CauseThe notification templates contain Cross-Site Scripting (XSS) vulnerable tags. These tags can be used in MSME 7.6 and 8.0, but can't be used in MSME 8.5.
SolutionDelete the existing templates and create templates that do not use XSS-vulnerable tags. You can still use the existing templates that contain these tags in MSME 8.5, but you can't modify them. For a list of XSS-vulnerable tags to avoid when modifying notification templates in MSME, see KB82214 - Tags to avoid in MSME to prevent XSS vulnerabilities. Related InformationXSS is a computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side scripts into webpages viewed by other users.
Affected Products |
|