SAS Institute. The Power to Know
 
 
 

SAS Web Report Studio 4.4_M8

Hot Fix Downloads for Windows for x64

* General Information about Hot Fixes

M7N001 was replaced by M7N006

M7N002 was replaced by M7N006

M7N003 was replaced by M7N006

M7N004 was replaced by M7N006

M7N005 was replaced by M7N006

M7N006 for Windows for x64
SAS Web Report Studio 4.4_M8
Issue(s) Addressed:Introduced:
70370 SAS® Web Report Studio generates the message "Report schedule failed" M7N001
70426 SAS® Web Report Studio contains a stored cross-site scripting vulnerability M7N001
70527 Multiple SAS® products contain a version of iText with known vulnerabilities M7N002
70585 A message, "SAS Add-In for Microsoft Office has encountered a problem," might appear when opening a SAS® Web Report Studio report M7N002
70693 SAS® Web Report Studio contains a version of Apache Struts with known vulnerabilities M7N003
70767 SAS® Web Report Studio contains a version of ehcache that is known to be affected by CVE-2020-36518 M7N003
KB0041039 SAS® Web Report Studio contains a Cross-Site Request Forgery (CSRF) vulnerability when using method=GET M7N006
NOTE: If you install this hot fix and have SAS BI Report Services 4.4_M8 installed, you must also install hot fix M7P006.
Released: April 03, 2025     Documentation: M7N006x6.html D       Download: M7N006pt.zip  
D indicates that the Documentation has special pre-installation, post-installation or other unique instructions not commonly used for hot fix deployment.
Top ^

M7P001 was replaced by M7P006

M7P002 was replaced by M7P006

M7P003 was replaced by M7P006

M7P004 was replaced by M7P006

M7P005 was replaced by M7P006

M7P006 for Windows for x64
SAS BI Report Services 4.4_M8 hot fix for SAS Web Report Studio 4.4_M8
Issue(s) Addressed:Introduced:
70370 SAS® Web Report Studio generates the message "Report schedule failed" M7P001
70426 SAS® Web Report Studio contains a stored cross-site scripting vulnerability M7P001
70527 Multiple SAS® products contain a version of iText with known vulnerabilities M7P002
70693 SAS® Web Report Studio contains a version of Apache Struts with known vulnerabilities M7P003
70767 SAS® Web Report Studio contains a version of ehcache that is known to be affected by CVE-2020-36518 M7P003
KB0041039 SAS® Web Report Studio contains a Cross-Site Request Forgery (CSRF) vulnerability when using method=GET M7P006
NOTE: If you install this hot fix and have SAS Web Report Studio 4.4_M8 installed, you must also install hot fix M7N006.
Released: April 03, 2025     Documentation: M7P006x6.html D       Download: M7P006pt.zip  
D indicates that the Documentation has special pre-installation, post-installation or other unique instructions not commonly used for hot fix deployment.
Top ^



PLEASE CAREFULLY READ THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT ("AGREEMENT") BEFORE DOWNLOADING MATERIALS FROM THIS SITE. BY DOWNLOADING ANY MATERIALS FROM THIS SITE, YOU ARE AGREEING TO THESE TERMS.
You are downloading software code ("Code") which will become part of a product ("Software") you currently have licensed from SAS Institute Inc. or one of its subsidiaries ("the Institute"). this Code is designed to either correct an error in the Software or to add functionality to the Software. The code is governed by the same agreement which governs the Software. If you do not have an existing agreement with the Institute governing the Software, you may not download the Code.
SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are registered trademarks or trademarks of their respective companies.
Copyright © SAS Institute Inc. All Rights Reserved.