Details
- Improvement
- Status: Resolved
- Major
- Resolution: Fixed
- 1.17.0
- None
Description
There are some vulnerabilities present in the jQuery and Bootstrap libraries used in Drill:
- jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native Object.prototype.
- In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
- In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
- In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
- In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
The following update is suggested to fix them:
- jQuery: 3.2.1 -> 3.5.0
- Bootstrap: 3.1.1 -> 4.4.1
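To show what the jQuery item above means in practice, here is an added example (not Drill's or jQuery's code): a naive recursive merge that, like jQuery.extend(true, ...) before 3.4.0, writes through a `__proto__` key into Object.prototype, next to a hardened merge that skips that key, which is the approach the upstream fix took. The payload string is constructed for the demonstration.

```javascript
// Naive deep merge: recurses into target[key] for every enumerable key of
// source, including "__proto__". target["__proto__"] resolves to
// Object.prototype, so the nested values land on every object in the realm.
function naiveDeepMerge(target, source) {
  for (const key in source) {
    const value = source[key];
    const isPlain = value !== null && typeof value === "object" && !Array.isArray(value);
    if (isPlain) {
      if (target[key] === null || typeof target[key] !== "object") target[key] = {};
      naiveDeepMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Hardened deep merge: iterates own keys only, refuses to copy "__proto__",
// and only recurses into a plain object that target itself owns.
function safeDeepMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (key === "__proto__") continue;
    const value = source[key];
    const isPlain = value !== null && typeof value === "object" && !Array.isArray(value);
    if (isPlain) {
      const own = Object.prototype.hasOwnProperty.call(target, key) ? target[key] : undefined;
      const base = own !== null && typeof own === "object" && !Array.isArray(own) ? own : {};
      target[key] = safeDeepMerge(base, value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Constructed sample input. Only JSON.parse (not an object literal) yields an
// own enumerable "__proto__" property, which is exactly the untrusted-input case.
const CONSTRUCTED_PAYLOAD = '{"theme":"dark","__proto__":{"polluted":true}}';

// Runs one merge strategy against the payload and reports whether an unrelated
// object picked up the injected property; any pollution is removed afterwards.
function demonstrate(merge) {
  const target = {};
  merge(target, JSON.parse(CONSTRUCTED_PAYLOAD));
  const leaked = ({}).polluted === true;
  delete Object.prototype.polluted;
  return { theme: target.theme, leaked };
}
```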