WS-2013-0008 (Low) detected in jquery-migrate-1.1.1.min.js #7
Description
WS-2013-0008 - Low Severity Vulnerability
Vulnerable Library - jquery-migrate-1.1.1.min.js
Migrate older jQuery code to jQuery 1.9+
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.1.1/jquery-migrate.min.js
Path to vulnerable library: /QuizAppUI/QuizApp/aries/js/plugins/jquery/jquery-migrate-1.1.1.min.js,/QuizAppUI/QuizApp/QuizApp.UI/js/plugins/jquery/jquery-migrate-1.1.1.min.js,/QuizAppUI/QuizApp/aries/js/plugins/jquery/jquery-migrate-1.1.1.min.js
Dependency Hierarchy:
- ❌ jquery-migrate-1.1.1.min.js (Vulnerable Library)
Found in HEAD commit: d37d24b63bfa9b2f3f9b85cb0e4758109d7acea8
Vulnerability Details
Cross-site-scripting (XSS) vulnerability allows an attacker to control the contents of the hash on the URL to run code in jQuery.Migrate before 1.2.0.
Publish Date: 2016-08-03
URL: WS-2013-0008
CVSS 2 Score Details (2.7)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: http://blog.jquery.com/2013/05/01/jquery-migrate-1-2-0-released/
Release Date: 2017-01-31
Fix Resolution: 1.2.0
Step up your Open Source Security Game with WhiteSource here