cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Crystal Report for visual studio 2017 - 13.0.24 - Unsafe Use Of Target blank

Go to solution
former_member586002
Discoverer

on ‎04-02-2019 1:59 PM

0 Kudos

In order to fix a security vulnerability Unsafe Use Of Target blank when using the "target" attribute, "rel" attribute should also be set as “noopener noreferrer”. Following two instances does not follow above security guidelines:

  1. crystalreportviewers13/allInOne.js - Line no. 13037
  2. crystalreportviewers13/js/flexparameterbridge.js - Line no: 50

Can we expect these to be fixed in future release?

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member11696
Employee
Employee
‎04-26-2019 9:34 PM
0 Kudos

Sorry I meant up date this post:

191930 / 2019 Crystal Report for visual studio 2017 - 13.0.24 - Unsafe Use Of Target blank

2777152 - Crystal Report for visual studio uses "Unsafe Use Of Target blank" tag in the WEB form viewers

It's been fixed and will be in the next patch SP 25 due out in early May.

Don

Show replies
Show replies

Answers (2)

Answers (2)

former_member586002
Discoverer
‎04-24-2019 10:02 AM
0 Kudos

Hi Don,

Do you have any update? We require an immediate resolution to close this vulnerability at our end.

Thanks,

Binod

Show replies
Show replies
former_member11696
Employee
Employee
‎04-03-2019 10:09 PM
0 Kudos

Hi Binod,

I'm checking with R&D on this subject.

We'll see what they have to say about it...

Thanks for reporting it to us.

Don

Show replies
Show replies
Ask a Question