This repository has been archived by the owner on May 12, 2020. It is now read-only.

Vulnerabilities from jQuery 2.2.4 #21

Open
ghost opened this issue Jun 6, 2018 · 3 comments

ghost commented Jun 6, 2018

Including jQuery 2.2.4 introduces a potential for XSS vulnerabilities; it should be upgraded to a minimum of 3.0.0.

I'm happy to upgrade and ensure no jQuery related functionality is broken in the process, but wanted to ensure this project was still being maintained / used first.

Contributor

hkdobrev commented Jun 6, 2018

@jodylecompte Fixing a security issue is always welcome! Could you please send a PR and we could discuss potential BC issues there? Thanks!

Author

ghost commented Jun 6, 2018

@hkdobrev Certainly, I'll start digging in later this evening. I'm not familiar off the top of my head with what API changes were made in jQuery to warrant the major version upgrade from 2.X to 3.X, but it's possible the upgrade will be entirely painless.

Author

ghost commented Jun 6, 2018

I meant to include the link to the Snyk report in my opening comment; that's what initially tipped me off to the problem.

https://snyk.io/test/npm/jquery/2.2.4
