Vulnerability findings (from the customer's Cyber LAB) with CASMA 3.1.4.1.
The following vulnerabilities were found and are to be fixed:
Vulnerable jQuery version
TLS cookie without secure flag set
Improperly configured Content-Security-Policy (CSP)
This article focuses only on the vulnerable jQuery version.
Release: 3.1.4.1
We have informed the customer that this vulnerability has been fixed in CAS 3.1.5.0. See the snippet below as a reference; we have also attached the full release notes for the customer's convenience.
We recommended upgrading the CAS appliance to version 3.1.5.0 to take advantage of this fix.