In the HTML documents section of the Security administration interface, users with the ADMIN role can configure a toggle to prevent privilege escalation attacks.
A privilege escalation attack can occur in the following circumstances:
In the HTML documents section of the Security administration interface, users with the ADMIN role can configure a toggle to prevent privilege escalation attacks.
A privilege escalation attack can occur in the following circumstances:
HTML documents include all unstructured documents, map attachments and resources with the mime type text/html.
When the toggle is enabled, users must select the Download option to access an HTML document. The Download option is available in the Search page next to the document's title, in the Viewer page content pane, and in the View page title bar. Any attempt to open the document directly in the Viewer page will fail.
Disabling the toggle makes the portal vulnerable to privilege escalation attacks.