Security vulnerability present when using Web Report Designer

Environment

Description

A security vulnerability is introduced with version R3 2020 (14.2.20.916) and is present in web applications embedding the Web-based Report Designer.

Solution

We strongly recommend upgrading to version R3 2021 SP2 (15.2.21.1125) or a subsequent one of Progress Telerik Reporting. This version resolves the issue completely. In case upgrading is not applicable to your scenario, please contact the support service team for detailed instructions how to mitigate the issue.

See Also

• Release notes for version R3 2020 (14.2.20.916)
• Release notes for version R3 2021 SP2 (15.2.21.1125)