Last Modified: May 21, 2021
See more info
Known Affected Versions:
11.2.1, 11.3.0, 11.4.0
11.5.0, 11.4.0 HF3, 11.3.0 HF8
Opened: May 11, 2013
If you have pages where browser compatibility is maintained via the use of the '<meta http-equiv="X-UA-Compatible" content="IE=8" />' tag, the CSRF script could be injected into the wrong place.
CSRF script gets inserted after the first meta tag, not after the X-UA-Compatible meta tag. This can cause certain versions of Microsoft Internet Explorer (IE), for example, v10, to not load the pages properly.
This issue has no workaround at this time.