Loading...

XML

Word

Printable

Details

Type: Suggestion
Resolution: Unresolved
Fix Version/s: None
Component/s: None
Labels:
None

UIS:
1
Feedback Policy:

We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

Description

_https://baseurl/issues?jql=_

Vulnerable javascript library: TinyMCE version: 4.6.4

Vulnerability is addressed in TinyMCE 4.7.12 (https://www.tinymce.com/docs/changelog/)

Vulnerable javascript library: jQuery version: 1.7.2

Vulnerability is addressed in 1.9.0b1 (https://bugs.jquery.com/ticket/11290)

Vulnerable javascript library: moment version: 2.6.0

Vulnerability is addressed in 2.11.2 (https://github.com/moment/moment/blob/develop/CHANGELOG.md)

Attachments

Issue Links

is related to

JSWSERVER-20505 Security vulnerabilities exist in Javascript libraries used in Jira Software (8.8.0)

Gathering Interest

relates to

JRASERVER-72052 Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023

Published

mentioned in: Page Loading...; Page Loading...; Page Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Jordan Wade

Votes:: 12 Vote for this issue

Watchers:: 17 Start watching this issue

Dates

Created:: 20/Aug/2018 4:26 PM

Updated:: 06/Jul/2022 2:28 AM