back to phpList.org

JQuery Version 1.5.2


#1

It looks like PHPlist is using a very old version of JQuery. (V1.5.2) I was wondering what others were doing to mitigate the security concerns of this? Has anyone manually updated the JQuery version without any side effects?

Thanks!
Kathleen


#2

Do you mean phpList 3 itself or a dependency library or plugin?

It would be great if you could try updating it yourself, and submit it in a GitHub pull request.


#3

phplist-3.3.8\public_html\lists\admin\js

It looks like it is using the JQuery verison 1.7.1. It looks like there are security vulnerabilities for any version of Jquery before 1.9.0.

https://www.cvedetails.com/vulnerability-list/vendor_id-6538/product_id-11031/version_id-235564/Jquery-Jquery-1.7.1.html


#4

Reported to the issue tracker: https://mantis.phplist.org/view.php?id=19755