Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-10230

Please update JQuery from 3.2.1 to 3.5.0+

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Accepted
    • Minor
    • Resolution: Unresolved
    • 1.11.0
    • None
    • security
    • None

    Description

      JQuery versions between 1.2 and 3.5.0 are vulnerable to multiple cross-site-scripting vulnerabilities. More info can be found on JQuery's website:

      blog.jquery.com: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/

      My organization's vulnerability scanner locates the out-of-date jquery at this url (sanitized for security reasons):

      http://example.com:5050/assets/libs/jquery-3.2.1.min.js

       

      Please remove the old version of JQuery and replace it with version 3.5.0 or greater. If this is already planned for a future release, please comment on this request with the version this will be fixed in.

       

      Keep up the good work, Apache community <3

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #411

          Activity

            People

              apeters Andreas Peters
              pengels p engels
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated: