Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag. (https://nvd.nist.gov/vuln/detail/CVE-2011-4969)
Not a big fan of jquery as it has started failing multiple security tests. Should we remove its dependency altogether?
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag. (https://nvd.nist.gov/vuln/detail/CVE-2011-4969)
Not a big fan of jquery as it has started failing multiple security tests. Should we remove its dependency altogether?