Overview

This article provides information about an issue regarding a security vulnerability identified on Jive 9.0.1, and the static resources image files library.

Users can upload executable files into the statics images resource library by changing the file extension, for example, from .exe to .jpg.

Environment

Jive - Hosted / On-premises Version

Information

The fix id for this issue is JVHOPLE-3224. The fix has been released in Jive 9.0.5.3.