Old jQuery files: Potential security vulnerability #18
Comments
|
You can update jQuery and create a PR. I'll review and release it. |
|
@NathanBeddoeWebDev Did you mean to close and overwrite your PR on this? I do see the code is still available on your fork: master...NathanBeddoeWebDev:geta-optimizely-tags:master. It would be great to have this patched. |
|
Hi @rbottema, I do have the completed code here somewhere. I'll try and get it updated, and hopefully get a more complete PR up. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi Team @marisks @brianweet @valdisiljuconoks
I am currently undergoing a penetration test on one of my website applications which is currently using this package.
A security vulnerability has been identified with the use of old jQuery files in this package. Taking a look at this code repo, I can see that the following jQuery files used as part of this package.
(https://github.com/Geta/geta-optimizely-tags/blob/master/src/Geta.Optimizely.Tags/module/ClientResources/vendor/jquery-2.1.0.min.js) - /*! jQuery v2.1.0 | (c) 2005, 2014 jQuery Foundation, Inc. | jquery.org/license */
https://github.com/Geta/geta-optimizely-tags/blob/master/src/Geta.Optimizely.Tags/module/ClientResources/vendor/jquery-ui.min.js
Can you please advise/help me in how I can resolve this issue?
Kind Regards
Anil
The text was updated successfully, but these errors were encountered: