BSI JQuery Vulnerabilities - CVE-2020-11023 & CVE-2020-11022
search cancel

BSI JQuery Vulnerabilities - CVE-2020-11023 & CVE-2020-11022


Article ID: 273182


Updated On:


CA Business Service Insight


According to version in script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.


BSI 8.3.5.x


With respect to BSI, JQuery usage is very limited with no DOM Manipulation APIs used in the BSI application. 

We sanitize both the client and server side requests before processing the data. 

However, JQuery migration to the latest version is planned as part of the next release of BSI (9.x) which is expected in the first half of 2025 (subject to change).