API Portal 5.2.3 is using Bootstrap 2.1.0 - which is unsupported and vulnerable

search cancel

API Portal 5.2.3 is using Bootstrap 2.1.0 - which is unsupported and vulnerable

book

Article ID: 367942

calendar_today

Updated On:

Products

CA API Developer Portal

Issue/Introduction

The API Developer Portal 5.2.3 version is still using an old and vulnerable JS libs.

Bootstrap 2.1.0 - unsupported and vulnerabilities (https://endoflife.date/bootstrap)

Environment

API Portal 5.2.x

Resolution

We have mitigated this XSS CVE issue in this bootstrap JS version used in Portal 5.2.3, so there are no know vulnerabilities at the moment. Due to design changes, we cannot upgrade the bootstrap library to a higher version.

In the future, we are working on moving all pages to react and will soon remove this bootstrap JS in a upcoming version of API Developer Portal.

Feedback

thumb_up Yes

thumb_down No