On Thursday, May 7, 2020 at 6:59:37 AM UTC-7, Balázs Bence wrote: > > Hi, > > Recently WhiteSource flagged a vulnerability in 3.4.1: > > In jQuery before 3.5.0, passing HTML from untrusted sources - even > after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. > .html(), .append(), and others) may execute untrusted code. This problem is > patched in jQuery 3.5.0. > > > Can you add 3.5.0 to google hosted libraries? > > https://ajax.googleapis.com/ajax/libs/jquery/3.5.0/jquery.min.js > <https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js> > > Thanks, > > Bence > > > It's updated on the hosted libraries page but the URL doesnt even work: > https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js >
-- -- You received this message because you are subscribed to the Google Groups "Google AJAX APIs" group. To post to this group, send email to google-ajax-search-api@googlegroups.com To unsubscribe from this group, send email to google-ajax-search-api+unsubscr...@googlegroups.com To view this message on the web, visit https://groups.google.com/d/msgid/google-ajax-search-api/d21fdcc9-8213-4afe-8e34-351616763d0b%40googlegroups.com For more options, visit this group at http://groups.google.com/group/google-ajax-search-api?hl=en?hl=en --- You received this message because you are subscribed to the Google Groups "Google AJAX APIs" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-ajax-search-api+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/google-ajax-search-api/d21fdcc9-8213-4afe-8e34-351616763d0b%40googlegroups.com.
