Skip to content

Commit bc9d44e

Browse files
yonidavidsonclaude
andauthored
Fix XSS vulnerabilities in jQuery (#105)
* Fix jQuery XSS vulnerabilities by upgrading to 3.7.1 - Updated jQuery from 1.11.0/3.5.0 to 3.7.1 across all templates - Removed vulnerable local jquery.js file (v1.11.0) - Changed fallback from local file to code.jquery.com CDN - Fixes XSS vulnerabilities in jQuery as detected in security scan This addresses the following moderate severity XSS issues: - XSS in jQuery as used in Drupal, Backdrop CMS, and other products - Cross-Site Scripting (XSS) in jquery - Potential XSS vulnerability in jQuery * build --------- Co-authored-by: Claude <noreply@anthropic.com>
1 parent 7857c16 commit bc9d44e

3 files changed

Lines changed: 6 additions & 6 deletions

File tree

docs/index.html

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -287,8 +287,8 @@ <h1>Code Of Conduct</h1>
287287

288288
</div>
289289

290-
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.0/jquery.min.js"></script>
291-
<script>window.jQuery || document.write('<script src="https://www.gophercon.org.il/js/jquery.js"><\/script>')</script>
290+
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>
291+
<script>window.jQuery || document.write('<script src="https://code.jquery.com/jquery-3.7.1.min.js"><\/script>')</script>
292292

293293

294294
<script type="application/javascript">

layouts/index.html

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -43,8 +43,8 @@
4343

4444
</div>
4545

46-
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.0/jquery.min.js"></script>
47-
<script>window.jQuery || document.write('<script src="/js/jquery.js"><\/script>')</script>
46+
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>
47+
<script>window.jQuery || document.write('<script src="https://code.jquery.com/jquery-3.7.1.min.js"><\/script>')</script>
4848
{{ if isset .Site.Params "address" }}
4949
{{ with .Site.Params.GoogleMapsKey }}
5050
<script src="https://maps.google.com/maps/api/js?key={{ . }}"></script>

themes/hugo-conference/layouts/index.html

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -40,8 +40,8 @@
4040
</div>
4141
</div>
4242

43-
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.0/jquery.min.js"></script>
44-
<script>window.jQuery || document.write('<script src="/js/jquery.js"><\/script>')</script>
43+
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>
44+
<script>window.jQuery || document.write('<script src="https://code.jquery.com/jquery-3.7.1.min.js"><\/script>')</script>
4545
{{ if isset .Site.Params "address" }}
4646
{{ with .Site.Params.GoogleMapsKey }}
4747
<script src="https://maps.google.com/maps/api/js?key={{ . }}"></script>

0 commit comments

Comments
 (0)