-
jennamonkeyAsked on February 11, 2019 at 7:14 PM
Hello, to be able to pass my PCI on my website , it says I need to upgrade to jQuery to version 3.0.0?
please can you help me understand how to do this on my site:
https://www.minnietheclownparties.co.uk/book-a-party-payment-details.html
It says:
jQuery is vulnerable to Cross-site Scripting (XSS) attacks because the Query() function does not differentiate selectors from HTML in a reliable way. In vulnerable versions, jQuery determines if the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility to build a malicious payload.
This finding indicates that either the root domain url, sub-domain url, or an imported/sourced version of jQuery is below jQuery version 1.9.0. All three scenarios allow an attacker to execute cross site scripting attacks on the root domain.
For details about which pages jQuery has been detected on, as well as detected jQuery script source paths, please refer to the evidence presented in the jQuery Script Detection finding (vulncode 30005875).
thanks
-
David JotForm Support ManagerReplied on February 11, 2019 at 10:02 PM
If you need to update your jQuery libraries, you need to ask your webmaster, or website provider.
If you have any questions related to your jotform, please let us know what you need on this thread.
- Templates
- Integrations
- INTEGRATIONS
- See 100+ integrations
- FEATURED INTEGRATIONS
PayPal- Slack
- Google Sheets
- Mailchimp
- Zoom
- Dropbox
- Google Calendar
- Hubspot
- Salesforce
- See more Integrations
- Products
- PRODUCTS
- Form Builder
- Jotform Enterprise
- Jotform Apps
- Store Builder
- Jotform Tables
- Jotform Inbox
- Jotform Mobile App
- Jotform Approvals
- Report Builder
- Smart PDF Forms
- PDF Editor
- Jotform Sign
- Jotform for Salesforce Discover Now
- Support
