Uploaded image for project: 'Magnolia Standard Templating Kit (closed)'
  1. Magnolia Standard Templating Kit (closed)
  2. MGNLSTK-1533

Web Application Penetration Test with Acunetix tools find vulnerable Javascript library

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Do
    • Critical
    • None
    • None
    • templates
    • TOMCAT 7.0.54 - APACHE 2.2.27 - mangolia Enterprise Edition, 4.5.14

    Description

      Some vulnerability tests with tools like Acunetix, have found a vulnerability for our www.bpm.it sites for the presence of magnolia libraries

      • jquery 1.8.3 and
      • flowplayer.
        Both libraries are provided with magnolia module STK (Standard Templating Kit). Going to update the libraries are created compatibility issues on some magnolia components supplied with STK module.
        This upgrade requires rewriting much of the site with relevant certification tests with much and much effort.

      OUR request is if there are other compatible libraries that resolv the problem and allows US make NO changes to our software

      Checklists

        Acceptance criteria

        Attachments

          Activity

            People

              Unassigned Unassigned
              webankUser Mario Ravasi
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 20d
                  20d
                  Remaining:
                  Remaining Estimate - 20d
                  20d
                  Logged:
                  Time Spent - Not Specified
                  Not Specified