Details
-
Improvement
-
Status: Unverified Fix (View Workflow)
-
Major
-
Resolution: Fixed
-
3.3.0
-
PHP 7.4.7, MySQL 5.6.23, Windows Server 2012 R2, FireFox 78.0.2
Description
The current version of jQuery 3.4.1 that we are using has been reported in our vulnerability scan as follow.
"In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0."
Attachments
Issue Links
- was caused by solution of
-
PHPBB-16568 Problem with drop-down menu
- Closed