Project

General

Profile

Actions
Copy link

Defect #26857

closed

Fix for CVE-2015-9251 in JQuery 1.11.1

Added by Toshi MARUYAMA about 7 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Jean-Philippe Lang
Category:
Security
Target version:
3.3.7
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Fixed
Affected version:

Description

Public message on Redmine forums: Vulnerable Javascript Library reported by Security Scanner

Github issue on jQuery: https://github.com/jquery/jquery/issues/2432

CVE-2015-9251 was assigned to this for jQuery.

Files

0001-Don-t-eval-cross-origin-requests-in-jQuery-26857.patch (1.2 KB) 0001-Don-t-eval-cross-origin-requests-in-jQuery-26857.patch Jan from Planio www.plan.io, 2018-01-30 12:00
Actions
Copy link
 #1

Updated by Jan from Planio www.plan.io almost 7 years ago

Gregor Schmidt has provided an unobtrusive fix which doesn't require a jQuery update. You can find it attached.

Actions
Copy link
 #2

Updated by Jean-Philippe Lang over 6 years ago

  • Project changed from 2 to Redmine
  • Subject changed from Vulnerable jquery 1.11.1 to Fix for CVE-2015-9251 in JQuery 1.11.1
  • Category set to Security
  • Status changed from Resolved to Closed
  • Assignee set to Jean-Philippe Lang
  • Target version set to 3.3.7
  • Resolution set to Fixed

Committed, thanks.

Actions
Copy link

Also available in: Atom PDF