Out-of-the-box, WorldServer 11.7.x uses
version 1.9 of Apache Commons Text, and versions 1.5 to 1.9 are affected.
The issue has been raised with our Engineering Team to update the Apache Common Text version to 1.10 or higher. Hotfix
WS 11.7.3 HF3 is now available from the WorldServer FTP site to address the issue.
You can find it on your RWS WorldServer FTP Account under this directory:
/software/11.7.3/Hotfixes
File name: WS_11.7.3_HF3.zipNote: the hotfix is not cumulative, meaning that it can be installed independently from other hotfixes for WorldServer 11.7.3. It will not affect them, and vice versa.
We recommend installing this hotfix without delay in order to mitigate the security vulnerability described in CVE-2022-42889.
