pcoenen Posted April 14, 2021 Share Posted April 14, 2021 Hi, One of my users mailed me the following information: Quote The vulnerability is still reported by the IKARE Tool through the tcp port 8077 . This is the description of the vulnerability : « Summary: The installed version of jQuery on the remote host has reached the End of Life (EOL) and should not be used anymore. Impact: An EOL version of jQuery is not receiving any security updates from the vendor. Unfixed security vulnerabilities might be leveraged by an attacker to compromise the security of this host » Any idea when the jQuery part in uniGUI will get an update? Using uniGUI 1.90.0.1542 Regards, Pascal Quote Link to comment Share on other sites More sharing options...
irigsoft Posted April 14, 2021 Share Posted April 14, 2021 Hello, what type of application do You use , StandAlone or IIS ? Quote Link to comment Share on other sites More sharing options...
pcoenen Posted April 14, 2021 Author Share Posted April 14, 2021 Standalone (as Service) Quote Link to comment Share on other sites More sharing options...
irigsoft Posted April 14, 2021 Share Posted April 14, 2021 3 minutes ago, pcoenen said: Standalone (as Service) Thank You. Any external libraries ? Quote Link to comment Share on other sites More sharing options...
pcoenen Posted April 14, 2021 Author Share Posted April 14, 2021 No, it's a UniGUI service connecting to a TCP socket and displaying information to the user. Quite simple until the customer used this IKERA tool .. Quote Link to comment Share on other sites More sharing options...
Sherzod Posted April 14, 2021 Share Posted April 14, 2021 50 minutes ago, pcoenen said: The vulnerability is still reported by the IKARE Tool through the tcp port 8077 . This is the description of the vulnerability : « Summary: The installed version of jQuery on the remote host has reached the End of Life (EOL) and should not be used anymore. Impact: An EOL version of jQuery is not receiving any security updates from the vendor. Unfixed security vulnerabilities might be leveraged by an attacker to compromise the security of this host » Hello, Also at the moment, you can try disabling jQuery. UniServerModule -> Options -> soDontLoadJQueryLib = True Quote Link to comment Share on other sites More sharing options...
pcoenen Posted April 14, 2021 Author Share Posted April 14, 2021 Also at the moment, you can try disabling jQuery And 'everything' should still work or which part not? Quote Link to comment Share on other sites More sharing options...
pcoenen Posted April 15, 2021 Author Share Posted April 15, 2021 ok I enabled 'soDontLoadJQueryLib' and everything still seems to work so now I'm a bit confused. Which components use the JQuery Lib? Quote Link to comment Share on other sites More sharing options...
Fred Montier Posted April 15, 2021 Share Posted April 15, 2021 I think you can just declare official cdn JQuery at CustomFiles... Quote Link to comment Share on other sites More sharing options...
irigsoft Posted April 15, 2021 Share Posted April 15, 2021 20 minutes ago, Fred Montier said: I think you can just declare official cdn JQuery at CustomFiles... How ? Here in UniGui or in some themes? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.