Open AnilEPi opened 1 year ago
You can update jQuery and create a PR. I'll review and release it.
@NathanBeddoeWebDev Did you mean to close and overwrite your PR on this? I do see the code is still available on your fork: https://github.com/Geta/geta-optimizely-tags/compare/master...NathanBeddoeWebDev:geta-optimizely-tags:master. It would be great to have this patched.
Hi @rbottema, I do have the completed code here somewhere. I'll try and get it updated, and hopefully get a more complete PR up.
Hi Team @marisks @brianweet @valdisiljuconoks
I am currently undergoing a penetration test on one of my website applications which is currently using this package. A security vulnerability has been identified with the use of old jQuery files in this package. Taking a look at this code repo, I can see that the following jQuery files used as part of this package.
(https://github.com/Geta/geta-optimizely-tags/blob/master/src/Geta.Optimizely.Tags/module/ClientResources/vendor/jquery-2.1.0.min.js) - /! jQuery v2.1.0 | (c) 2005, 2014 jQuery Foundation, Inc. | jquery.org/license / https://github.com/Geta/geta-optimizely-tags/blob/master/src/Geta.Optimizely.Tags/module/ClientResources/vendor/jquery-ui.min.js
Can you please advise/help me in how I can resolve this issue?
Kind Regards
Anil