Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
3.0.0
Description
Spark 3.0, Spark 2.4.x uses JQuery version < 3.5 which has known security vulnerability in Spark Master UI and Spark Worker UI.
Can we please upgrade JQuery to 3.5 and above ?
https://www.tenable.com/plugins/nessus/136929
According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.