Security update available for RoboHelp

Friday, August 12 2011 @ 10:52 AM, By Ankur Jain

Summary: An important vulnerability has been identified in RoboHelp and RoboHelp Server. A specially crafted URL could be used to create a cross-site scripting attack on RoboHelp installations. Solution for this is now available.

Affected Software Versions: RoboHelp 9 (versions 9.0.1.232 and earlier), RoboHelp 8, RoboHelp Server 9, and RoboHelp Server 8 for Windows.

Note: Customers using RoboHelp 9 version 9.0.1.262 are not vulnerable to this issue.

Solution: Adobe recommends users update their RoboHelp and/or RoboHelp Server installations by applying the relevant updates using the instructions provided in this Security Bulletin.

Ankur Jain
Product Manager – Technical Communication Suite | RoboHelp
Follow me on Twitter: @ankurjain8

COMMENTS

  • By Michael H. - 1:09 PM on August 12, 2011  

    How does this new whutils.js file compare to the one that fixes the SSL over IE issue (where the TOC and Search didn’t work)? Currently we are happy to have those working and I don’t want to mess that up. I guess it would be better to fix the cross-site scripting issue, but we really need to the TOC and Search to work too…

  • Categories

  • Archives

  • Authors

  • Useful Links

  • Recent Comments

    • Joel: Thanks for fixing the links guys!
    • Maxwell Hoffmann: Ted, one aspect of the blog that may have escaped your notice; you can launch the HTML5 version in...
    • Maxwell Hoffmann: Joel, per comments made above, I discovered that the original URLs were incorrect with pointers to...
    • Maxwell Hoffmann: Paul, as I indicated in the comments below, the original blog had links that pointed to a...
    • Maxwell Hoffmann: I apologize to all concerned regarding my suggestion to “clear the cache” … it...