Project

General

Profile

Actions

Bug #23071

open

The jQuery version we are using is unsafe

Added by Avi Sharvit almost 6 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
JavaScript stack
Target version:
-
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

https://nvd.nist.gov/vuln/detail/CVE-2015-9251
https://nvd.nist.gov/vuln/detail/CVE-2016-10707

"jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed."


Related issues 1 (0 open1 closed)

Related to Foreman - Refactor #21860: Update jquery to version 3DuplicateAvi SharvitActions
Actions #1

Updated by Tomer Brisker almost 6 years ago

Actions

Also available in: Atom PDF