Vulnerable JQuery Cookie library used

martin-g / wicket-bootstrap

Apache Wicket components for Twitter Bootstrap - Wicket-Bootstrap is based on Twitter's toolkit (bootstrap) and the Apache Wicket Framework.

https://wicketbootstrap.teliclab.info/

296 stars 162 forks source link

Vulnerable JQuery Cookie library used #1090

Closed mcr-paulanand closed 5 months ago

mcr-paulanand commented 5 months ago

CVE: CVE-2022-23395 Version used: 1.3.1 Used in: bootstrap-extensions/src/main/java/de/agilecoders/wicket/extensions/markup/html/bootstrap/references/js/jquery.cookie.js

mcr-paulanand commented 5 months ago

I have created a PR #1091 to fix this. Please review.

martin-g commented 5 months ago

Fixed with #1091