[SOLVED] Found outdated jQuery File Upload plugin

3 months 5 days ago - 3 months 1 day ago #310782 by inspry
Hi there,

Sucuri is reporting this file is out of date:
Found outdated jQuery File Upload plugin inside: ./components/com_comprofiler/js - Version: 9.18.0 - Please update asap.

Anybody have any ideas on this?

Thanks for any help you can provide.
3 months 5 days ago #310783 by inspry
Note I am on the latest CB
3 months 4 days ago #310797 by krileon
It's not necessary for us to update jQuery File Upload plugin at this time. The 2 vulnerabilities reported and fixed in jQuery File Upload are entirely in their PHP endpoints, which we don't use and don't exist in CB. The JS it self is unchanged, which is all we use.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Templates - CBSubs - Hosting - Forge - Incubator - GroupJive
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM EST to 4:00 PM EST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
3 months 3 days ago #310805 by inspry
Perfect, thank you for your quick response. Kunena (which had the same false positive) basically said the same thing. Thanks again for being so quick on this!
The following user(s) said Thank You: nant, krileon
2 months 4 hours ago #311483 by aidtcom
I received the same message. So, what do we do about this? Do we remove those files? I'm not sure what to do now.
1 month 4 weeks ago #311492 by krileon
You just ignore it. Our implementation is not vulnerable. The vulnerabilities in jQuery File Upload are in their PHP files, which do not exist in CB. There is no vulnerability in the JS.


Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Templates - CBSubs - Hosting - Forge - Incubator - GroupJive
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM EST to 4:00 PM EST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Moderators: beatnantkrileon
Time to create page: 0.438 seconds
Facebook Twitter Google LinkedIn