Other > Viruses and worms
Where we would not expect these retirable jQuery libraries
polonus:
Re: https://aw-snap.info/file-viewer/?protocol=secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=YmxdZy5tfGx3fH17Ynl0e3MuXl1tYCN7dHtedFtdbnNgdH1danxuLXxne250YA%3D%3D~enc
Where we checked with the retire.js extension: -https://blog.malwarebytes.com/detections/trojan-agent/
and detected
bootstrap 3.3.5 Found in -https://www.malwarebytes.com/js/bootstrap.js
Vulnerability info:
High 28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331 1
Medium 20184 XSS in data-target property of scrollspy CVE-2018-14041 1
Medium 20184 XSS in collapse data-parent attribute CVE-2018-14040 1
Medium 20184 XSS in data-container property of tooltip CVE-2018-14042 1
jquery 1.11.3.min Found in -https://www.malwarebytes.com/js/jquery-1.11.3.min.js
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251 1234
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers 123
jquery 1.12.4 Found in -https://blog.malwarebytes.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251 1234
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
polonus (volunteer website security analyst and website error-hunter)
polonus:
On this blog site we would not expect such issues either:
jquery 2.1.4 Found in -https://cdn-3.zscaler.com/sites/default/files/advagg_js/js__Mc2zu8oTXUuuljJ2paFym7TDo8lhmM2rQDvEJof-MLI__2KBEhpEGqQFBiFOLZIZYeQTDUIw6atYiuMl7WaVOnZ0__Pn_3y4csKYl3nPNiUt_2RFFx0uJ-_GJwYm6iEOOJzAw.js
Vulnerability info:
Medium 2432 3rd party CORS request may execute CVE-2015-9251 1234
Medium CVE-2015-9251 11974 parseHTML() executes scripts in event handlers
Also consider: Results from scanning URL: -https://cdn-2.zscaler.com/sites/default/files/advagg_js/js__yz39Oiuar8Bm5YQktDLGWAMlZL9dQp7tUMPmAwTni6A__ZS5q5UTsy48aM0oCBRypbHWsLITIpNgKJzyqMf8KPvE__Pn_3y4csKYl3nPNiUt_2RFFx0uJ-_GJwYm6iEOOJzAw.js
Number of sources found: 420 ; number of sinks found: 107
See recommendations here: https://webhint.io/scanner/3abb7e4c-cea5-4491-bfc5-a6181c96e00b
Researchers at zscaler dot com should be aware of issues like:
"Response should be compressed with Brotli when Brotli compression is requested over HTTPS."....
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
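As an added example (not polonus's code and not retire.js itself), here is the kind of version check that lies behind the findings quoted in both posts above: pull the library and version out of a script URL in the two forms seen here (jquery-1.11.3.min.js and jquery.js?ver=1.12.4), then compare against the affected ranges. The ranges are taken from the public advisories for the CVEs listed in the posts; the 4.x branches of Bootstrap are included as an assumption from the same advisories.

```javascript
// Added example: affected version ranges [lowest affected, first fixed) per branch,
// taken from the public advisories for the CVEs retire.js reported above.
const ADVISORIES = {
  jquery: [
    { cve: "CVE-2015-9251", ranges: [["0.0.0", "3.0.0"]],
      desc: "3rd party CORS request may execute / parseHTML() executes scripts in event handlers" },
  ],
  bootstrap: [
    { cve: "CVE-2018-14040", ranges: [["0.0.0", "3.4.0"], ["4.0.0", "4.1.2"]], desc: "XSS in collapse data-parent attribute" },
    { cve: "CVE-2018-14041", ranges: [["0.0.0", "3.4.0"], ["4.0.0", "4.1.2"]], desc: "XSS in data-target property of scrollspy" },
    { cve: "CVE-2018-14042", ranges: [["0.0.0", "3.4.0"], ["4.0.0", "4.1.2"]], desc: "XSS in data-container property of tooltip" },
    { cve: "CVE-2019-8331",  ranges: [["0.0.0", "3.4.1"], ["4.0.0", "4.3.1"]], desc: "XSS in data-template/data-content/data-title of tooltip/popover" },
  ],
};

// Numeric dotted-version comparison: -1, 0 or 1 (missing components count as 0).
function compareVersions(a, b) {
  const pa = a.split(".").map((n) => parseInt(n, 10) || 0);
  const pb = b.split(".").map((n) => parseInt(n, 10) || 0);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Identify library and version from a script URL. Handles the two URL shapes in the posts:
// .../jquery-1.11.3.min.js and .../jquery.js?ver=1.12.4. A URL without a version
// (such as .../js/bootstrap.js) yields null; retire.js then falls back to fingerprinting the file body.
function identifyScript(url) {
  const m = url.match(/\/(jquery|bootstrap)(?:[-.](\d+\.\d+\.\d+))?(?:\.min)?\.js(?:\?ver=(\d+\.\d+\.\d+))?/i);
  if (!m) return null;
  const version = m[2] || m[3];
  return version ? { lib: m[1].toLowerCase(), version } : null;
}

// Advisories whose affected range contains the given version.
function findAdvisories(lib, version) {
  return (ADVISORIES[lib] || []).filter((adv) =>
    adv.ranges.some(([lo, hi]) => compareVersions(version, lo) >= 0 && compareVersions(version, hi) < 0));
}

// Audit a list of script URLs; unrecognised or version-less URLs are reported as such, not as clean.
function auditScriptUrls(urls) {
  return urls.map((url) => {
    const id = identifyScript(url);
    if (!id) return { url, status: "unrecognised", cves: [] };
    const hits = findAdvisories(id.lib, id.version);
    return { url, lib: id.lib, version: id.version, status: hits.length ? "retirable" : "clean", cves: hits.map((h) => h.cve) };
  });
}
```

For the bootstrap.js file above, where the URL carries no version, pass the version retire.js fingerprinted (3.3.5) straight to findAdvisories.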