Revision 9356b0b3
Added by Daniel Lobato Garcia over 7 years ago
| package.json | ||
|---|---|---|
|
"events": "^1.1.1",
|
||
|
"flux": "^2.1.1",
|
||
|
"ipaddr.js": "~1.2.0",
|
||
|
"jquery": "~1.11.0",
|
||
|
"jquery": "~2.2.4",
|
||
|
"jquery-flot": "~0.8.3",
|
||
|
"jquery-ujs": "~1.2.0",
|
||
|
"jquery.cookie": "~1.4.1",
|
||
Also available in: Unified diff
Fixes #17516 - Update jquery to 2.2.4 to fix XSS
Affected versions of the package (< 1.12) are vulnerable to Cross-site
Scripting (XSS) attacks when a cross-domain ajax request is performed
without the dataType option causing text/javascript responses to be
executed.
https://github.com/jquery/jquery/issues/2432 for more information