Changes between Initial Version and Version 1 of Ticket #29029, comment 2
- Timestamp:
- Feb 1, 2018, 8:13:22 AM (6 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #29029, comment 2
initial v1 1 The re is also an XSS vulnerability (https://nvd.nist.gov/vuln/detail/CVE-2015-9251)present in all jQuery versions prior to 3.x. If I'm reading Django's git logs correctly, `master` contains jQuery 3.x but no version of Django with jQuery 3.x has been released yet. So all released versions are at risk.1 The XSS vulnerability is present in all jQuery versions prior to 3.x. If I'm reading Django's git logs correctly, `master` contains jQuery 3.x but no version of Django with jQuery 3.x has been released yet. So all released versions are at risk. 2 2 3 3 Even if Django's own code does not make use of the vulnerable functions, it remains that: