Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-16555

Update to the latest version of jQuery

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Unverified Fix (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.3.0
    • Fix Version/s: 3.3.1
    • Component/s: JavaScript / AJAX
    • Environment:
      PHP 7.4.7, MySQL 5.6.23, Windows Server 2012 R2, FireFox 78.0.2

      Description

      The current version of jQuery 3.4.1 that we are using has been reported in our vulnerability scan as follow.

      "In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0."

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Marc Marc
              Reporter:
              sweetness1 sweetness1
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: