Vulnerability findings (from the customer's Cyber Lab) with CASMA 22.214.171.124.
The following vulnerabilities were found and are to be fixed:
Vulnerable jQuery version
TLS cookie without secure flag set
Improperly configured Content-Security-Policy (CSP)
This article focuses only on the vulnerable jQuery version.
We have informed the customer that this vulnerability has been fixed in CAS 126.96.36.199. See the snippet below for reference; we have also attached the full release notes for the customer's comfort.
Following this fix, we recommended upgrading the CAS appliance to version 188.8.131.52 to take advantage of it.