Upgrading to Ektron Version 8.02 SP5

• Adding Metadata in Workarea Throws Error
• HOW TO:Add acceptable XSLT files to the system

Issues Resolved for Version 8.02 SP5

See also: KB Articles for Upgrading to 8.0.2 SP2, Knowledge Base Article for Upgrading to Ektron Version 8.02 SP4

• 62213, 62214, 61724, 61169, 63465—Security issues with XSL transformations. Details below.

Microsoft Vulnerability Research Advisory MSVR12-016

Microsoft Vulnerability Research (MSVR) has announced an advisory with Ektron Web Content Management System (CMS). MSVR discovered the two vulnerabilities, CVE-2012-5357 and CVE 2012-5358), reported the issues to Ektron, and worked with their development team to ensure that the issues were resolved. The first vulnerability deals with improperly sanitized user data that could potentially result in the execution of arbitrary code. The second issue could allow an attacker to bypass authentication if properly exploited. Customers that have Ektron's CMS deployed are advised to review the advisory and apply the patches as soon as possible.