Outdated JavaScript library Handlebars, jQuery and Bootstrap
shiftbreak opened this issue · comments
ScoutSuite/output/data/includes.zip contains outdated JavaScript libraries with known weaknesses:
- Handlebars 3.0.0
- Bootstrap 4.2.1
- JQuery 3.3.1
ScoutSuite/output/data/html/report.html:
<!-- Bootstrap core CSS -->
<link href="inc-bootstrap/css/bootstrap.min.css" rel="stylesheet">
...
<!-- jQuery -->
<script src="inc-jquery/jquery-3.3.1.min.js"></script>
<!-- Handlebars -->
<script src="inc-handlebars/handlebars-v3.0.0.js"></script>
I understand that these issues are probably not exploitable. However this does lead to issues in running the tool in a corporate environment where code scans are carried out and exceptions need to be raised to use outdated libraries.
If it's possible to update these files to the latest version or a more recent version it would greatly improve usability.