View Issue Details

IDProjectCategoryView StatusLast Update
0026357mantisbtsecuritypublic2021-11-22 12:10
Reporterjcamara Assigned To 
Status acknowledgedResolutionopen 
Product Version2.22.0 
Summary0026357: Vulnerability from library JQuery 2.2.4

Our security department reports a pair of known vulnerabilities related with JQuery 2.2.4:

The suggestion is promoting JQuery version as far as possible.

TagsNo tags attached.


related to 0021214 closedcommunity Update jQuery to 2.2.4 
has duplicate 0026384 closeddregad Outdated jquery and bootstrap copies with known vulnerabilities 
has duplicate 0029305 resolveddregad Vulnerability in JQuery 2.2.4 Library 




2019-11-15 03:20

developer   ~0063096

Thanks for the report.

Unfortunately, we are currently on the latest jQuery 2.x release, which is no longer receiving patches. Upgrading to 3.x is not a small undertaking, considering the number of breaking changes, and would require extensinve testing to ensure full compatibility; sadly we do not have the bandwidth for taking this on at the moment.

Contributions are welcome.