pcoenen Posted April 14, 2021 Share Posted April 14, 2021 Hi, One of my users mailed me the following information: Quote The vulnerability is still reported by the IKARE Tool through the tcp port 8077 . This is the description of the vulnerability : « Summary: The installed version of jQuery on the remote host has reached the End of Life (EOL) and should not be used anymore. Impact: An EOL version of jQuery is not receiving any security updates from the vendor. Unfixed security vulnerabilities might be leveraged by an attacker to compromise the security of this host » Any idea when the jQuery part in uniGUI will get an update? Using uniGUI 1.90.0.1542 Regards, Pascal Link to comment Share on other sites More sharing options...
irigsoft Posted April 14, 2021 Share Posted April 14, 2021 Hello, what type of application do You use , StandAlone or IIS ? Link to comment Share on other sites More sharing options...
pcoenen Posted April 14, 2021 Author Share Posted April 14, 2021 Standalone (as Service) Link to comment Share on other sites More sharing options...
irigsoft Posted April 14, 2021 Share Posted April 14, 2021 3 minutes ago, pcoenen said: Standalone (as Service) Thank You. Any external libraries ? Link to comment Share on other sites More sharing options...
pcoenen Posted April 14, 2021 Author Share Posted April 14, 2021 No, it's a UniGUI service connecting to a TCP socket and displaying information to the user. Quite simple until the customer used this IKERA tool .. Link to comment Share on other sites More sharing options...
Sherzod Posted April 14, 2021 Share Posted April 14, 2021 50 minutes ago, pcoenen said: The vulnerability is still reported by the IKARE Tool through the tcp port 8077 . This is the description of the vulnerability : « Summary: The installed version of jQuery on the remote host has reached the End of Life (EOL) and should not be used anymore. Impact: An EOL version of jQuery is not receiving any security updates from the vendor. Unfixed security vulnerabilities might be leveraged by an attacker to compromise the security of this host » Hello, Also at the moment, you can try disabling jQuery. UniServerModule -> Options -> soDontLoadJQueryLib = True Link to comment Share on other sites More sharing options...
pcoenen Posted April 14, 2021 Author Share Posted April 14, 2021 Also at the moment, you can try disabling jQuery And 'everything' should still work or which part not? Link to comment Share on other sites More sharing options...
pcoenen Posted April 15, 2021 Author Share Posted April 15, 2021 ok I enabled 'soDontLoadJQueryLib' and everything still seems to work so now I'm a bit confused. Which components use the JQuery Lib? Link to comment Share on other sites More sharing options...
Fred Montier Posted April 15, 2021 Share Posted April 15, 2021 I think you can just declare official cdn JQuery at CustomFiles... Link to comment Share on other sites More sharing options...
irigsoft Posted April 15, 2021 Share Posted April 15, 2021 20 minutes ago, Fred Montier said: I think you can just declare official cdn JQuery at CustomFiles... How ? Here in UniGui or in some themes? Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now