Could you please share the jQuery-UI and jQuery versions of devportal 5.2.1.
We have upgraded the UAT portal to version 5.2.1, and still InfoSec is getting older versions of JQ UI and JQ.
Could you please help us with the JQ versions in devportal.
Release : 5.2.1
jQuery 1.11 0 vulnerable:
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) Passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. . html() , . append() , and others) may execute untrusted code.
Resolution: upgrade the jquery UI version to 1.13.2 or higher because jQuery UI versions prior to 1.13.2 are affected by a cross-site scripting (XSS).
Portal 5.2.2 updated to 1.13.2