search

mrmap-community / GeoPortal.rlp

Other
8 stars 2 forks source link

Replacing jQuery with a up to date version #1

Open holsandre opened 3 years ago

holsandre commented 3 years ago

Status Quo

Currently the GeoPortal has jQuery version 3.3.1 included

line in source code:

<script type="text/javascript" src="/static/searchCatalogue/js/jquery-3.3.1.min.js"></script>

Improvement

Using an up to date version.

Reasoning

The used jQuery version 3.3.1 has multiple known vurnerabilities.

  1. CVE-2019-11358
  2. CVE-2020-11022
  3. CVE-2020-11023