Our Security IT department identified a vunerability issue with the file bootstrapper.min.js which is found in any course exported using Storyline 360. The concern is with the lodash 3.10.1.
Here's a link that they provided to me explaining the security vulnerability.
Thanks for the follow-up! Our team has prioritized a fix for this issue, so assuming all goes well in the final testing phases, you should see an update from us in the next version of Storyline 360!
we are also experiencing this issue and it has the ability to negatively impact our business. Please let the community know when or how we can get workarounds to this issue until testing is complete.
Good afternoon @Ren, Just wanted to echo the sentiments of the previous post and inquire about the release date for this fix. This is critical for our client who is requesting information for a definitive solution.
Following up on Ren's last comment, I'm happy to report that we just released another update for Storyline 360 today. Our team has addressed the vulnerability: Out-of-date Version of Lodash.
Just launch the Articulate 360 desktop app on your computer and click the Update button for each application—details here.
Thank you for reporting this to us. Please let us know if you have any questions or reach out to our Support Engineers directly!
11 Replies
Hi Pierre,
Thanks for reaching out and sharing your concern about this vulnerability! Our team has spotted this as well and is working to address it.
I can’t provide a timeline yet on a fix, but I'm happy to jump back in this discussion to provide an update as soon as possible!
Thank you very much Ren!
Hi @Ren,
Any timeline available?
Hi Patrick,
Thanks for the follow-up! Our team has prioritized a fix for this issue, so assuming all goes well in the final testing phases, you should see an update from us in the next version of Storyline 360!
Thanks!
Following...please post here when this update has been made available
@Ren, our client would like an ETA on the update due to the security vulnerabilities. When do you suspect the next update will be released?
Hi Ren,
we are also experiencing this issue and it has the ability to negatively impact our business. Please let the community know when or how we can get workarounds to this issue until testing is complete.
Good afternoon @Ren,
Just wanted to echo the sentiments of the previous post and inquire about the release date for this fix. This is critical for our client who is requesting information for a definitive solution.
Hello everyone!
Following up on Ren's last comment, I'm happy to report that we just released another update for Storyline 360 today. Our team has addressed the vulnerability: Out-of-date Version of Lodash.
Just launch the Articulate 360 desktop app on your computer and click the Update button for each application—details here.
Thank you for reporting this to us. Please let us know if you have any questions or reach out to our Support Engineers directly!
Hi All! I would like to publicly thank the Articulate team for addressing this issue in such a swift and deliberate manner.
Cheers!