Uploaded image for project: 'Felix'
  1. Felix
  2. FELIX-6185

jQuery <3.4.0 is vulnerable to prototype pollution attacks

    XMLWordPrintableJSON

    Details

      Description

      jQuery prior to version 3.4.0 was vulnerable to prototype pollution (https://snyk.io/test/npm/jquery/3.3.1).  The webconsole currently uses jQuery 3.3.1.  jQuery >= 3.4.0 addresses this issues (https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/).  I'd propose upgrading to jQuery 3.4.1 and jQuery migrate from 3.0.0 to 3.1.0 to address this issue.

        Attachments

          Activity

            People

            • Assignee:
              cziegeler Carsten Ziegeler
              Reporter:
              d.clarke Dale Clarke
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: