Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-25814

Update Jquery to version 3.0.0 or greater to fix CVE-2015-9251

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Low Low
    • 9.6.0
    • 9.2.13
    • Security
    • None

      Issue Summary

      jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

      https://nvd.nist.gov/vuln/detail/CVE-2015-9251

      Steps to Reproduce

      Check the version of Jquery used, in Bamboo 9.2.13 version 2.2.4 is used

      Expected Results

      Version > 3.0.0 should be used.

      Actual Results

      NA

      Workaround

      None

              Unassigned Unassigned
              4f38d6bf51c0 Shashank Kumar
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: