[
https://issues.apache.org/jira/browse/NETBEANS-2295?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated NETBEANS-2295:
-------------------------------------
Labels: pull-request-available (was: )
> Update to knockout.js 3.5.0 to solve security issues
> ----------------------------------------------------
>
> Key: NETBEANS-2295
> URL: https://issues.apache.org/jira/browse/NETBEANS-2295
> Project: NetBeans
> Issue Type: Bug
> Components: platform - HTML4J
> Affects Versions: 10.0
> Reporter: Jaroslav Tulach
> Assignee: Jaroslav Tulach
> Priority: Major
> Labels: pull-request-available
>
> h2. org-netbeans-html-ko4j.jar: knockout-3.4.0.js
> {color:#505f79}in
> platform/modules/org-netbeans-html-ko4j.jar/org/netbeans/html/ko4j/knockout-3.4.0.js{color}
> ||Vulnerability||Resolution||
> |[https://github.com/knockout/knockout/issues/1244]| * cross site scripting
> injection
> * only exhibited in Internet Explorer 7 and older which is effectively not
> used at all in 2019
> * fixed in knockout 3.5.0+\||
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@netbeans.apache.org
For additional commands, e-mail: commits-h...@netbeans.apache.org
For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
