We have Servoy installed on our server version R2 2.1.2. We have several clients who require network security checks done on our system on a monthly basis.
We are getting the following security risk flagged on the Servoy install. Specifically the Tomcat version bundeled with the Servoy install. Apache Tomcat / servlet Cross-Site Scripting. The risk appears to extend up to Tomcat version 4.0.3.
Is there a way to get a newer version of Tomcat bundeled with Servoy?
Does anyone have a work around?
At first I thought that the risk was the version of Tomcat running on the full apache web server on that system so I upgraded it but it had no affect on the version that Servoy was using (which of course makes perfect sence now that I think about it).