Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CVE-2021-32850] Potential XSS in jquery-minicolors #1561

Closed
ikedas opened this issue Dec 27, 2022 · 0 comments · Fixed by #1562
Closed

[CVE-2021-32850] Potential XSS in jquery-minicolors #1561

ikedas opened this issue Dec 27, 2022 · 0 comments · Fixed by #1562
Labels
bug ready A PR is waiting to be merged. Close to be solved security

Comments

@ikedas
Copy link
Member

ikedas commented Dec 27, 2022
edited
Loading

Version

6.2.35b.1 or later.

Installation method

All. However, this does not apply if the packager bundled the recent version of jquery-minicolors on its own.

Possible solution

Update jquery-minicolor bundled in Sympa to the latest version (See related PR).

Additional information

See also: GHSA-vc9x-gmmr-p7jj, GHSL-2021-1045
ikedas added a commit to ikedas/sympa that referenced this issue Dec 27, 2022
@ikedas
[CVE-2021-4243] Potential XSS in jquery-minicolors (sympa-community#1561
8f03a47 
)
@ikedas ikedas mentioned this issue Dec 27, 2022
Merged
@ikedas ikedas added the ready A PR is waiting to be merged. Close to be solved label Jan 4, 2023
ikedas added a commit that referenced this issue Feb 2, 2023
@ikedas
Merge pull request #1562 from ikedas/cve-2021-4243 by ikedas
32a2e5d 
[CVE-2021-4243] Potential XSS in jquery-minicolors (#1561)
@ikedas ikedas changed the title [CVE-2021-4243] Potential XSS in jquery-minicolors [CVE-2021-4243] [CVE-2021-32850] Potential XSS in jquery-minicolors Feb 21, 2023
@ikedas ikedas changed the title [CVE-2021-4243] [CVE-2021-32850] Potential XSS in jquery-minicolors [CVE-2021-32850] Potential XSS in jquery-minicolors Feb 28, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug ready A PR is waiting to be merged. Close to be solved security
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[CVE-2021-32850] Potential XSS in jquery-minicolors (#1561) ikedas/sympa
1 participant
@ikedas