When your password contains < or > and you attempt to log into K2 with Forms STS, the password will display on the screen and the authentication request will fail.
The following error occurs: “A potentially dangerous Request.Form value was detected from the client Password”.
The fix is available in the following K2 versions:
|K2 4.7 March 2018 Cumulative Update
||K2 Five (5.0) September 2018 Cumulative Update
||K2 Five (5.1) November 2018 Cumulative Update
||K2 Five (5.2) May 2019 Cumulative Update
||K2 Five (5.3)
||Fix Pack 31
- Ensure you have the correct K2 version and/or Cumulative Update installed. See KB001893 to see what Fix Pack level you have installed.
- Download the latest Fix Pack using the links in the table above for the version you require.
- Install the Fix Pack to apply the fix.