Skip to content

jQuery XSS vulnerabilities require vendor package update (CVE-2020-11022 / CVE-2020-11023) #3544

New issue
New issue
Closed
Closed
jQuery XSS vulnerabilities require vendor package update (CVE-2020-11022 / CVE-2020-11023)#3544
Labels
3rd Party Bug3rd party bugSECURITYA security issue reported through CVEbugUndesired behaviourconfirmedBug is confirm by dev teamresolvedA fixed issue
Milestone
 
1.2.13
@kim-fitness

Description

@kim-fitness
kim-fitness
opened on May 8, 2020

Describe the bug

Cacti is affected by CVE-2020-11022 and CVE-2020-11023

Expected behavior

Due to the remedy of these two CVEs, need to upgrade the jQuery to version 3.5.0 or later.

Metadata

Metadata

Assignees

No one assigned

    Labels

    3rd Party Bug3rd party bugSECURITYA security issue reported through CVEbugUndesired behaviourconfirmedBug is confirm by dev teamresolvedA fixed issue

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions