[ https://issues.apache.org/jira/browse/NIFI-10368?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Handermann updated NIFI-10368: ------------------------------------ Status: Patch Available (was: Open) > Upgrade jQuery UI to 1.13.2 > --------------------------- > > Key: NIFI-10368 > URL: https://issues.apache.org/jira/browse/NIFI-10368 > Project: Apache NiFi > Issue Type: Improvement > Components: Core UI > Reporter: David Handermann > Assignee: David Handermann > Priority: Minor > Labels: dependency-upgrade > Time Spent: 10m > Remaining Estimate: 0h > > The jQuery UI library before version 1.13.2 has an XSS vulnerability > described in [CVE-2022-31160|https://nvd.nist.gov/vuln/detail/CVE-2022-31160]. > Although Apache NiFi does not make direct use of the vulnerable > {{checkboxradio()}} function, upgrading jQuery UI to 1.13.2 mitigates > potential issues and moves away from version 1.12.1, which is no longer > supported. -- This message was sent by Atlassian Jira (v8.20.10#820010)