Dale Clarke created FELIX-6185:
----------------------------------
Summary: jQuery <3.4.0 is vulnerable to prototype pollution attacks
Key: FELIX-6185
URL: https://issues.apache.org/jira/browse/FELIX-6185
Project: Felix
Issue Type: Bug
Components: Web Console
Affects Versions: webconsole-4.3.16
Reporter: Dale Clarke
jQuery prior to version 3.4.0 was vulnerable to prototype pollution
(https://snyk.io/test/npm/jquery/3.3.1). The webconsole currently uses jQuery
3.3.1. jQuery >= 3.4.0 addresses this issues
([https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/).] I'd propose
upgrading to jQuery 3.4.1 and jQuery migrate from 3.0.0 to 3.1.0 to address
this issue.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
