[webapps] - Good for Enterprise 2.2.2.1611 - XSS Vulnerability

The vulnerable versions are v2.2.2.1611 and earlier Proof of Concept:HTML Email including the following payload will execute Javascript statements when the victim open the email using the vulnerable version. Payload: < script >alert('XSS Here')< / script> Remediation:I worked with the Good people to close the issue, I provided some guidance and feedback and agreed with them to not disclose it until they fix it.The new release is now available:Update the "Good for Enterprise" iOS application to 2.2.4.1659 or newer References:https://www.roblest.com/#research:CVE-2013-5118 Can the comunity please provide feedback and comments in order to ensure the fix is working wellMany thanksMario
View the original article here