Support #80
old jquery
Status:
New
Priority:
Low
Assignee:
-
Start date:
06/23/2021
Due date:
% Done:
0%
Estimated time:
Description
/babylon/sound-subscribe.html
/babylon/sound-test.html
/babylon/video-test.html
/babylon/sound-publish.html
<script src="https://code.jquery.com/jquery-3.3.1.min.js"
CVE-2019-11358: jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
CVE-2020-11022: Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
CVE-2020-11023: Regex in its jQuery.htmlPrefilter sometimes may introduce XSS