A new update is available for SAS Environment Manager , version 2.5_M1 :
SAS Note 62511 | SAS® Environment Manager contains a stored cross-site scripting vulnerability |
SAS Note 62513 | SAS® Environment Manager is vulnerable to jackson-databind vulnerabilities |
This list of notes might be incomplete. For a complete list of issues addressed by this hot fix, visit the hot fix page for A8X007 |
Note: A comprehensive list of all SAS hot fixes is available from support.sas.com. You can use the SAS Hot Fix Analysis, Download, and Deployment (SASHFADD) tool to manage your SAS hot fixes.