*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Eduardo Barretto
(ebarretto):
Summary
jQuery is prone to a cross-site scripting (XSS)
vulnerability.
Detection Result
Installed version: 1.7.2
Fixed version: 1.9.0
Installation
path / port:
/snap/chromium/3002/tests/data/HTML5test/scripts/jquery/jquery-1.7.2.min.js
I did a snap refresh chromium on the system and the chromium version is now at
version:
chromium 131.0.6778.264 from Canonical✓ refreshed
and the JQuery file 1.7.2.min.js is still in that directory.
Can you please advise us of how to remove this file as we get a vulnerability
finding every time security runs a scan on the system. There are actually two
directories with old JQuery files
/snap/chromium/3002/tests/data/HTML5test/scripts/jquery/jquery-1.7.2.min.js
/snap/coromium/3019/tests/data/HTML5test/scripts/jquery/jquery-1.7.2.min.js
Version of Ubuntu is 20.04.6 LTS with PRO support enabled.
** Affects: chromium-browser (Ubuntu)
Importance: Undecided
Status: New
--
jQuery < 1.9.0 XSS Vulnerability
https://bugs.launchpad.net/bugs/2093373
You received this bug notification because you are a member of Ubuntu Bugs,
which is subscribed to the bug report.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
