New Build

[BenHayat]

https://awareim.com/changelog/Readme2469.txt

[johntalbott]

Support -

3. Some cunning business space name could have gained access to the app

Can you clarify what this means?

[weblike]

Hi,
Does anyone reported cross site scripting attacks?
Sounds like we have to update imediatly to this build or what?

[intra]

Could we please have some transparency regarding the third bug fix please?

Code: Select all

3. Some cunning business space name could have gained access to the app 

Would be great to understand the potential scenario.

[ab042]

Hopefully this isn't a big deal and if it is then it would be stupid for anyone to publish details on an open forum.

Just my 2 cents

[intra]

Security through obscurity works, understand that.

However were a learning forum, details on how the potential issue arises is something we can look out for in future revisions. Im sure like most bugs its something silly that was never intended in the first place.

Given its been fixed, i see no issue with sharing the knowledge.

[customaware]

Pete,

It could remain an issue for those who have yet to update to the latest build and also for those who have legacy applications in old versions that have yet to be updated.

I am sure if you really need to know, then support would advise you.

[aware_support]

You don't need to be alarmed. A couple of big companies performed some extensive penetration testing to verify how secure Aware IM is and the good news is that it is very secure. A couple of low severity vulnerabilities have been detected and these have been fixed in the new build. You don't need to rush to update, but it is recommended.