p engels created MESOS-10230:
--------------------------------
Summary: Please update JQuery from 3.2.1 to 3.5.0+
Key: MESOS-10230
URL: https://issues.apache.org/jira/browse/MESOS-10230
Project: Mesos
Issue Type: Improvement
Components: security
Affects Versions: 1.11.0
Reporter: p engels
JQuery versions between 1.2 and 3.5.0 are vulnerable to multiple
cross-site-scripting vulnerabilities. More info can be found on JQuery's
website:
blog.jquery.com: [https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/]
My organization's vulnerability scanner locates the out-of-date jquery at this
url (sanitized for security reasons):
[http://example.com:5050/assets/libs/jquery-3.2.1.min.js]
Please remove the old version of JQuery and replace it with version 3.5.0 or
greater. If this is already planned for a future release, please comment on
this request with the version this will be fixed in.
Keep up the good work, Apache community <3
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
