-
Type: Task
-
Status: Done
-
Priority: High
-
Resolution: Done
-
Epic Link:
Invicti Enterprise identified that the target web site is using jQuery Validation and detected that it is out of date.
Impact
Since this is an old version of the software, it may be vulnerable to attacks.
Vulnerabilities
1.1. https://sfs.turkiyeshell.com/lib/jquery-validation/dist/jquery.validate.js
Identified Version
1.19.3
Latest Version
1.19.5
Vulnerability Database
Result is based on 06/27/2023 15:00:00 vulnerability database content.
Certainty
Request Response
Request
GET /lib/jquery-validation/dist/jquery.validate.js HTTP/1.1
Host: sfs.turkiyeshell.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8
Accept-Language: en-us,en;q=0.5
Cache-Control: no-cache
Cookie: .AspNetCore.Antiforgery.IOH2qP4C9lk=CfDJ8I4hPoQOtxJNkFdlxKdQaaj61YWL07fDpF-ClCDhm_pPgj67UZX3w2uryZeXKR60HZMGynGssWi2luhrYfHAfcWHsRTa05TQKE8z2Idgvlgxkc9jNi6X22oqjJCv68RzFXOJ2p3NAe3AlBLw06
LPIE;
.AspNetCore.Session=CfDJ8I4hPoQOtxJNkFdlxKdQaahdraxoML2YikJMr5CtJegWDjJBB4cc7DLrVuZbE1SQ47e%2Bp2rv3A
6QidMg6Qpd4ExEJ2QwFKjm8Lus2I%2Ft3WUvje5SqvKtsGb5dMAIoAtHXJsYsqgSX5V2XPdaNKDY9ghWS6payV%2BcBIOSr2dOFV
qP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/108.0.5359.71 Safari/537.36
4/43
Remedy
Please upgrade your installation of jQuery Validation to the latest stable version.
Remedy References
Downloading jQuery Validation
CLASSIFICATION
PCI DSS v3.2 6.2
OWASP 2013 A9
OWASP 2017 A9
CWE 1035 , 937
Response
Response Time (ms) : 2698.1322
Total Bytes Received : 275
Body Length : 0
Is Compressed : No