*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Eduardo Barretto (ebarretto):
Summary jQuery is prone to a cross-site scripting (XSS) vulnerability. Detection Result Installed version: 1.7.2 Fixed version: 1.9.0 Installation path / port: /snap/chromium/3002/tests/data/HTML5test/scripts/jquery/jquery-1.7.2.min.js I did a snap refresh chromium on the system and the chromium version is now at version: chromium 131.0.6778.264 from Canonical✓ refreshed and the JQuery file 1.7.2.min.js is still in that directory. Can you please advise us of how to remove this file as we get a vulnerability finding every time security runs a scan on the system. There are actually two directories with old JQuery files /snap/chromium/3002/tests/data/HTML5test/scripts/jquery/jquery-1.7.2.min.js /snap/coromium/3019/tests/data/HTML5test/scripts/jquery/jquery-1.7.2.min.js Version of Ubuntu is 20.04.6 LTS with PRO support enabled. ** Affects: chromium-browser (Ubuntu) Importance: Undecided Status: New -- jQuery < 1.9.0 XSS Vulnerability https://bugs.launchpad.net/bugs/2093373 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs