PowerSchool release 18.104.22.168 introduces a "Cross-Site Scripting" check that limits HTML tags and attributes which can be saved in the PowerSchool web interface. This check impacts IEP Anywhere customers using the PowerSchool Alerts and Document Viewer Integration.
Districts that have upgraded to release 11.0.4.X currently see a "Cross-Site Scripting" error when saving on the "Other Information" page in PowerSchool for any student who has an IEP Anywhere alert.
In the next 1-2 days, your district's alert integration will be automatically updated to use HTML that is compliant with PowerSchool's new check. However, this fix additionally requires that your IT staff updates PowerSchool pages to load a small script that (a) positions and styles alerts appropriately and (b) opens alerts when clicked in a new tab. Failure to complete the steps below will cause a blank page to be displayed when an alert is clicked after your district's alert integration has updated, no matter your version of PowerSchool. These steps may be completed at any time, in advance or after your integration has updated.
The following steps are required by an IT staff member:
For questions or additional information, please email email@example.com