000036181 - Getting XSS error for the dashboard while logging in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Apr 3, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000036181
Applies ToRSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.0.2
 
IssueAfter upgrade from RSA IDentity Management and Governance 6.9.1 to RSA Identity Governance & Lifecycle 7.0.2, a user could see the XSS attack error while logging into the system. The error states that it is unable to create a page ID for a custom created dashboard.
 
User-added image 
CauseThis error is due to a bookmark created for a login page in 6.9.1.

In 6.9.1 the URL navigating to the dashboard was similar to the following:


In 7.0.2 there is a slight change in the URL representation, as shown:


If you use the same bookmarked URL as used in 6.9.1, the system finds a change during link validation and throws the error of possible XSS attack.
ResolutionKindly remove the old bookmark and create new one for the new version of RSA Identity Governance & Lifecycle.

Attachments

    Outcomes