CVE-2011-4969 (Medium) detected in portableapps-thunderbird-38.7.2.source

[mend-bolt-for-github[bot]]

CVE-2011-4969 - Medium Severity Vulnerability

Vulnerable Library - portableappsthunderbird-38.7.2.source

Portable software for cloud, local, and portable USB drives

Library home page: https://sourceforge.net/projects/portableapps/

Found in HEAD commit: 5c148460648c4632fc74ca6b04a47b8a4f25047b

Library Source Files (1)

* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.

- /eu-captcha/main/webapp/WEB-INF/pages/js/jquery-1.2.min.js

Vulnerability Details

Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.

Publish Date: 2013-03-08

URL: CVE-2011-4969

CVSS 2 Score Details (4.3)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2011-4969

Release Date: 2013-03-08

Fix Resolution: 1.6.3

---

Step up your Open Source Security Game with WhiteSource here

[Eddy-Hoevenaers]

i can't find any link to portableapps-thunderbird