Did I understand correctly that systems following the security recommendations and configuring the keys as documented in https://docs.telerik.com/devtools/aspnet-ajax/controls/asyncupload/security … are not affected?
The CVE-2019-18935 is a severe insecure deserialization vulnerability affecting #Telerik UI. Understand its impact + learn to safely patch your software in this post from @noperator: https://hubs.ly/H0mf7L-0 (With thanks to @mwulftange + @bao7uo)pic.twitter.com/qHc5XoKywA
-
-
-
Right—update to R3 2019 SP1 or later, then follow the recommended settings on the page you linked to. Namely, set a custom encryption key and enable whitelisting metadata types. Setting a custom hash key is a good idea, too.
- Još 2 druga odgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.