popeen / Booksonic-Air

A new Booksonic server based on Airsonic. - OBS: The code here might not be ready for release. Feel free to compile it yourself but if so I recommend searching for the latest commit with the description "Prepare for release"

Home Page: https://booksonic.org


Security vulnerability in jquery - cross site scripting

mamema opened this issue · comments

Nessus report:

Description
According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.

Note, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios required for successful exploitation do not exist on devices running a PAN-OS release.

Solution
Upgrade to JQuery version 3.5.0 or later.

See Also
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
https://security.paloaltonetworks.com/PAN-SA-2020-0007

Booksonic is using 3.5.0 already but I am updating it to 3.6.0
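
One way to check a finding like this against the files a server actually ships, as an added example that is not part of the issue thread, Booksonic's code or the Nessus plugin: it reads the version each jQuery file reports in its banner comment and flags those in the range the report names (1.2 up to, but not including, 3.5.0). The file paths and sample contents are constructed, and it assumes the banner comment has not been stripped from the file.

```javascript
// Added example (not Booksonic or Nessus code). Flags bundled jQuery copies whose
// self-reported version is >= 1.2 and < 3.5.0, the range named in the report.

// Assumption: the file keeps jQuery's banner comment, e.g.
// "/*! jQuery v3.4.1 | ..." (minified) or "* jQuery JavaScript Library v3.4.1".
const BANNER = /jQuery (?:JavaScript Library )?v?(\d+)\.(\d+)(?:\.(\d+))?/;

const FIRST_AFFECTED = [1, 2, 0];
const FIRST_FIXED = [3, 5, 0];

// Returns [major, minor, patch], or null when no banner is present.
function reportedVersion(source) {
  const m = BANNER.exec(source.slice(0, 2048)); // the banner sits at the top of the file
  return m ? [Number(m[1]), Number(m[2]), Number(m[3] || 0)] : null;
}

// Numeric, component-wise compare: a string compare would sort "1.12" before "1.2".
function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

function isAffected(version) {
  return compareVersions(version, FIRST_AFFECTED) >= 0 &&
         compareVersions(version, FIRST_FIXED) < 0;
}

// files: array of { path, source }. Returns one finding per file that reports a jQuery version.
function triage(files) {
  return files
    .map(({ path, source }) => ({ path, version: reportedVersion(source) }))
    .filter((f) => f.version !== null)
    .map((f) => ({ path: f.path, version: f.version.join("."), affected: isAffected(f.version) }));
}

// Constructed sample input; the paths are hypothetical, not Booksonic's layout.
const SAMPLE_FILES = [
  { path: "static/jquery-3.5.0.min.js", source: "/*! jQuery v3.5.0 | (c) JS Foundation and other contributors | jquery.org/license */" },
  { path: "static/old/jquery-1.12.4.js", source: "/*!\n * jQuery JavaScript Library v1.12.4\n * http://jquery.com/\n */" },
  { path: "static/app.js", source: "// application code, no jQuery banner" },
];

for (const f of triage(SAMPLE_FILES)) {
  console.log(`${f.path}: jQuery ${f.version} ${f.affected ? "AFFECTED" : "ok"}`);
}
```

A result of "ok" for every shipped file while the scanner still reports the finding points to a stale or cached copy being served, or to a second jQuery file outside the directory that was checked.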