By: Mark Diender Account Admin 22 Dec 2016 at 9:23 a.m. CST

1 Response
Mark Diender gravatar
A security audit which one of our customers ran on our system revealed Gluu is using an outdated Jquery library (v1.11.2). This version is vulnerable to the following exploit. https://github.com/jquery/jquery/issues/2432 Can someone confirm Gluu is vulnerable to this XSS-exploit? and if yes, is it possible to manually upgrade the used Jquery library to a version 1.12 or higher without breaking?

By Sahil Arora user 26 Dec 2016 at 11:41 p.m. CST

Sahil Arora gravatar
Jquery library version has been updated to v1.12.4 in CE 3.0.0. Please refer [here](https://github.com/GluuFederation/oxAuth/issues/411)