Details
-
Suggestion
-
Resolution: Duplicate
-
None
Description
The version of jQuery bundled in Bitbucket server is affected by the CVE described below.
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Attachments
Issue Links
- relates to
-
BSERV-10873 The version of jQuery in use is vulnerable to several issues
- Closed