A vulnerability scan flagged an older script/tool referenced in the product documentation from 2021.

Detection Details

According to the self-reported version in the script, the hosted version of jQuery is greater than or equal to 1.2 and prior to 3.5.0. Consequently, it is affected by multiple Cross-Site Scripting (XSS) vulnerabilities.

Note: While the vulnerability scanner flagged this component, the scenarios required for successful exploitation do not exist in this environment, resulting in no actual security impact on the active system. However, the documentation required updating to eliminate references to this outdated tool.

• Product: Dollar Universe

• Component: Univiewer Management Server (UVMS)

• Version: 7.x

The product documentation incorrectly maintained reference guidelines for a deprecated tool that utilized an outdated, vulnerable version of jQuery.

The technical documentation has been officially updated to remove the deprecated references and correct the historical details.

You can review the updated guidelines directly in the Broadcom Tech Docs:

• Dollar Universe Telemetry & Connection Documentation

Changes Implemented:

• Updated the "Send Usage" section to reflect current, secure standards.

• Refreshed and corrected historical file details, including:

  • product_sku

  • sku_description

  • product_version