Facebook with Latestnigeriannews  Twieet with latestnigeriannews  RSS Page Feed
Home  |  All Headlines  |  Punch  |  Thisday  |  Daily Sun  |  Vanguard   |  Guardian  |  The Nation  |  Daily Times  |  Daily Trust  |  Daily Independent
World  |  Sports  |  Technology  |  Entertainment  |  Business  |  Politics  |  Tribune  |  Leadership  |  National Mirror  |  BusinessDay  |  More Channels...

Viewing Mode:

Archive:

  1.     Tool Tips    
  2.    Collapsible   
  3.    Collapsed     
Click to view all Entertainment headlines today

Click to view all Sports headlines today

6 In 10 Websites May Be Impacted by jQuery XSS Vulnerabilities

Published by Slashdot on Sun, 10 Nov 2019


"Although the JavaScript library jQuery is no longer as popular as it was, it is still widely used. As a result at least six in ten websites are impacted by jQuery XSS vulnerabilities," reports I Programmer:Even more security issues are introduced by the jQuery libraries used to extend jQuery's capabilities. These findings come from open source security platform, Snyk and are included in "The state of JavaScript frameworks security report 2019". While this report is mainly devoted to a security review of the two leading JavaScript frameworks, Angular and React, it takes a "sneak peek" into the security vulnerabilities in three other frontend JavaScript ecosystem projects - Vue.js, Bootstrap and jQuery. jQuery was downloaded more than 120 million times in the last 12 months, which is equivalent to the number of downloads for Vue.js (40 million) and Bootstrap (79 million) combined. Snyk reports that four vulnerabilities had been found for Vue.js, all of which have been fixed. Bootstrap contained seven cross-site scripting (XSS) vulnerabilities. Three of these were disclosed in 2019 and there are no security fixes or upgrade paths to avoid them. In the case of jQuery, Snyk tracked six security vulnerabilities affecting jQuery across all of its releases to date. Four are medium severity Cross-Site Scripting vulnerabilities, one is a medium severity Prototype Pollution vulnerability, and the final one is a low severity Denial of Service vulnerability. The report concludes that unless you are using jQuery 3.4.0 and above then you are using vulnerable jQuery versions.Read more of this story at Slashdot.
Click here to read full news..

All Channels Nigerian Dailies: Punch  |  Vanguard   |  The Nation  |  Thisday  |  Daily Sun  |  Guardian  |  Daily Times  |  Daily Trust  |  Daily Independent  |   The Herald  |  Tribune  |  Leadership  |  National Mirror  |  BusinessDay  |  New Telegraph  |  Peoples Daily  |  Blueprint  |  Nigerian Pilot  |  Sahara Reporters  |  Premium Times  |  The Cable  |  PM News  |  APO Africa Newsroom

Categories Today: World  |  Sports  |  Technology  |  Entertainment  |  Business  |  Politics  |  Columns  |  All Headlines Today

Entertainment (Local): Linda Ikeji  |  Bella Naija  |  Tori  |  Pulse  |  The NET  |  DailyPost  |  Information Nigeria  |  Gistlover  |  Lailas Blog  |  Miss Petite  |  Olufamous  |  Stella Dimoko Korkus Blog  |  Ynaija  |  All Entertainment News Today

Entertainment (World): TMZ  |  Daily Mail  |  Huffington Post

Sports: Goal  |  African Football  |  Bleacher Report  |  FTBpro  |  Kickoff  |  All Sports Headlines Today

Business & Finance: Nairametrics  |  Business Insider  |  Forbes  |  Entrepreneur  |  The Economist  |  BusinessTech  |  Financial Watch  |  BusinessDay  |  All Business News Headlines Today

Technology (Local): Techpoint  |  TechMoran  |  TechCity  |  Innovation Village  |  IT News Africa  |  Technology Times  |  Technext  |  Techcabal  |  All Technology News Headlines Today

Technology (World): Techcrunch  |  Techmeme  |  Slashdot  |  Wired  |  Hackers News  |  Engadget  |  Pocket Lint  |  The Verge

International Networks:   |  CNN  |  BBC  |  Al Jazeera  |  Yahoo

Forum:   |  Nairaland  |  Naij

Other Links: Home   |  Nigerian Jobs