Is there a work-around for the NIST Vulnerability identified in the Kendo Editor Widget?
2 Answers, 1 is accepted
0
Ianko
Telerik team
answered on 13 May 2019, 06:20 AM
Hello Wendel,
That report is regarding 2018.1.221 version. And since that version there are fixes that target XSS vulnerability. I suggest you to re-test the Kendo Editor and check out the specific case.
If you have any further questions on the topic please provide a specific scenario that you have. The exact HTML that is being used in Editor that leads to the vulnerability.
Regards,
Ianko
Progress Telerik
Get quickly onboarded and successful with your Telerik and/or Kendo UI products with the Virtual Classroom free technical training, available to all active customers.Learn More.