Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Vulnerable Script...vulnerable dependances..
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Vulnerable Script...vulnerable dependances.. (Read 850 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33891
malware fighter
Vulnerable Script...vulnerable dependances..
«
on:
May 25, 2019, 08:06:31 PM »
Detected:
https://aw-snap.info/file-viewer/?protocol=not-secure&ref_sel=GSP2&ua_sel=ff&chk-cache=&fs=1&tgt=c11eYnVea3t0ZnwwYjY2NjQzODgyZmIwfDMwNS5zMy58bXx6XW58d3MuXl1t~enc
and on -https://aws.amazon.com/s3/
Retire.js
handlebars.js 4.0.5 Found in -https://a0.awsstatic.com/libra/1.0.279/libra-bundle.js
Vulnerability info:
High A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template
Read:
https://snyk.io/vuln/SNYK-JS-HANDLEBARS-174183
&
https://github.com/wycats/handlebars.js/commit/cd38583216dce3252831916323202749431c773e
jquery 3.2.1 Found in -https://a0.awsstatic.com/libra/1.0.279/libra-head.js
Vulnerability info:
Medium CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution 123
Re: Results from scanning URL: -https://a0.awsstatic.com/libra/1.0.279/libra-bundle.js
Number of sources found: 239
Number of sinks found: 96
linked in some sense to -http://35stupenek.ru/wp-content/themes/Direct/ , known infection source/not recommended site by Dr Web's.
polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Vulnerable Script...vulnerable dependances..