jQuery XSS vulnerabilities require vendor package update (CVE-2020-11022 / CVE-2020-11023) #3544
Labels
3rd Party Bug
3rd party bug
bug
Undesired behaviour
confirmed
Bug is confirm by dev team
resolved
A fixed issue
SECURITY
A security issue reported through CVE
Milestone
Describe the bug
Cacti is affected by CVE-2020-11022 and CVE-2020-11023
Expected behavior
Due to the remedy of these two CVEs, need to upgrade the jQuery to version 3.5.0 or later.
The text was updated successfully, but these errors were encountered: