Portal 5.2.2 still report it is using a outdated Jquery which has several CVE
search cancel

Portal 5.2.2 still report it is using a outdated Jquery which has several CVE

book

Article ID: 277510

calendar_today

Updated On:

Products

CA API Developer Portal

Issue/Introduction

Portal 5.2.2 still report it is using a outdated jQuery library in some JavaScript files

URL   https://URL/admin/js/oktasign.js
Method   GET
Parameter   
Attack   
Evidence   * jQuery JavaScript Library v1.12.4
Other Info   CVE-2020-11023 CVE-2020-11022 CVE-2015-9251 CVE-2019-11358 CVE-2020-23064

 

Resolution

This remaining JavaScript library in oktasign.js  will be update in the next portal release . the  target is to be delivered with the Portal 5.2.3 release .

Powered by Wolken Software