Uploaded image for project: 'Shell OneHub'
  1. Shell OneHub
  2. SO-2522

1. Out-of-date Version (jQuery Validation)

    XMLWordPrintable

    Details

      Description

      Invicti Enterprise identified that the target web site is using jQuery Validation and detected that it is out of date.
      Impact
      Since this is an old version of the software, it may be vulnerable to attacks.
      Vulnerabilities
      1.1. https://sfs.turkiyeshell.com/lib/jquery-validation/dist/jquery.validate.js
      Identified Version
      1.19.3
      Latest Version
      1.19.5
      Vulnerability Database
      Result is based on 06/27/2023 15:00:00 vulnerability database content.
      Certainty
      Request Response
      Request
      GET /lib/jquery-validation/dist/jquery.validate.js HTTP/1.1
      Host: sfs.turkiyeshell.com
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8
      Accept-Language: en-us,en;q=0.5
      Cache-Control: no-cache
      Cookie: .AspNetCore.Antiforgery.IOH2qP4C9lk=CfDJ8I4hPoQOtxJNkFdlxKdQaaj61YWL07fDpF-ClCDhm_pPgj67UZX3w2uryZeXKR60HZMGynGssWi2luhrYfHAfcWHsRTa05TQKE8z2Idgvlgxkc9jNi6X22oqjJCv68RzFXOJ2p3NAe3AlBLw06
      LPIE;
      .AspNetCore.Session=CfDJ8I4hPoQOtxJNkFdlxKdQaahdraxoML2YikJMr5CtJegWDjJBB4cc7DLrVuZbE1SQ47e%2Bp2rv3A
      6QidMg6Qpd4ExEJ2QwFKjm8Lus2I%2Ft3WUvje5SqvKtsGb5dMAIoAtHXJsYsqgSX5V2XPdaNKDY9ghWS6payV%2BcBIOSr2dOFV
      qP
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
      Chrome/108.0.5359.71 Safari/537.36
      4/43
      Remedy
      Please upgrade your installation of jQuery Validation to the latest stable version.
      Remedy References
      Downloading jQuery Validation
      CLASSIFICATION
      PCI DSS v3.2 6.2
      OWASP 2013 A9
      OWASP 2017 A9
      CWE 1035 , 937
      Response
      Response Time (ms) : 2698.1322
      Total Bytes Received : 275
      Body Length : 0
      Is Compressed : No

        Attachments

          Activity

            People

            Assignee:
            mehmet Mehmet Gülenç
            Reporter:
            Seher Seher Bayar (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: