Sorry but as i see you expecting too much from support
😃 I have 2 cases each for 3-4 months urgent and for system basic funtions
Broadcom Support not response right
I will never recomend it to a cutomer
__________________________________________________________________ Disclaimer: This message and its attachment, if any, are confidential and may contain legally privileged information. If you are not the intended recipient, please contact the sender immediately and delete this message and its attachment, if any, from your system. You should not copy this message or disclose its contents to any other person or use it for any purpose. Statements and opinions expressed in this e-mail are those of the sender, and do not necessarily reflect those of Ministry of Justice (MOJ), Saudi Arabia. MOJ accepts no liability for damage caused by any virus transmitted by this email.____________________________________________________________ هذه الرسالة و مرفقاتها (إن وجدت) تمثل وثيقة سرية قد تحتوي على معلومات تتمتع بحماية وحصانة قانونية. إذا لم تكن الشخص المعني بهذه الرسالة يجب عليك تنبيه المُرسل بخطأ وصولها إليك، و حذف الرسالة و مرفقاتها (إن وجدت) من الحاسب الآلي الخاص بك. ولا يجوز لك نسخ هذه الرسالة أو مرفقاتها (إن وجدت) أو أي جزئ منها، أو البوح بمحتوياتها لأي شخص أو استعمالها لأي غرض. علماً بأن الإفادات و الآراء التي تحويها هذه الرسالة تعبر فقط عن رأي المُرسل و ليس بالضرورة رأي وزارة العـدل السعودية، ولا تتحمل وزارة العدل أي مسئولية عن الأضرار الناتجة عن أي فيروسات قد يحملها هذا البريد
Original Message:
Sent: 11/2/2022 3:37:00 AM
From: Jacques Geldenhuys
Subject: RE: Cross Site Scripting/XSS manipulation
Hi
Thank you for your message, I have had a case (33265483) open for 9 days now, logs were taken but still waiting.
This is becoming urgent now
Thank you
Jacques
Original Message:
Sent: Nov 01, 2022 03:15 AM
From: Vallinayagam Pitchaimani
Subject: Cross Site Scripting/XSS manipulation
Hi Jacques,
We need to look at the browser logs to ascertain the root cause.
Can you please support case, so that we can have a detail look at your logs and provide a solution.
Original Message:
Sent: Oct 27, 2022 03:46 AM
From: Jacques Geldenhuys
Subject: Cross Site Scripting/XSS manipulation
Hi All
We patched our environment to 17.3.0.16 and are experiencing Cross Site Scripting/XSS manipulation when doing exports from Service Desk.
I have found the below articles,
https://knowledge.broadcom.com/external/article/241433/cross-site-scriptingxss-manipulation-exi.html
https://techdocs.broadcom.com/us/en/ca-enterprise-software/business-management/ca-service-management/17-3/installing/installing-ca-service-management-17-3/installing-ca-service-desk-manager/securing-ca-sdm-from-cross-site-scripting-vulnerabilities.html
https://knowledge.broadcom.com/external/article?articleId=37204
https://knowledge.broadcom.com/external/article/36172/resolve-qbeeqref_num-cross-site-scriptin.html
The export works when NX.env variables are configured to the local server and your login URL is that of the local server.
However, we are configured to go via F5 for LAN and WAN in terms of Attachments and exporting
My question is, does anybody have a solution for how to address Cross Site Scripting/XSS manipulation via F5
Thank you
Jacques