You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Details: CVE-2015-9251: jQuery versions on or above 1.4.0 and below 1.12.0 (version 1.12.3 and above but below 3.0.0-beta1 as well) are vulnerable to XSS via 3rd party text/javascript responses(3rd party CORS request may execute). (jquery/jquery#2432).
Solution: jQuery version 1.12.0 has been released to address the issue (http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/). NOTE: Fix was reverted back in 1.12.2, so version 1.12.3 and above but below 3.0.0-beta1 are vulnerable as well. Please refer to vendor documentation (https://blog.jquery.com/) for the latest security updates.
The text was updated successfully, but these errors were encountered:
Vulnerable javascript library: jQuery version: 1.11.3
Details:
CVE-2015-9251: jQuery versions on or above 1.4.0 and below 1.12.0 (version 1.12.3 and above but below 3.0.0-beta1 as well) are vulnerable to XSS via 3rd party text/javascript responses(3rd party CORS request may execute). (jquery/jquery#2432).
Solution: jQuery version 1.12.0 has been released to address the issue (http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/). NOTE: Fix was reverted back in 1.12.2, so version 1.12.3 and above but below 3.0.0-beta1 are vulnerable as well. Please refer to vendor documentation (https://blog.jquery.com/) for the latest security updates.
The text was updated successfully, but these errors were encountered: