All Apps and Add-ons

Splunk custom App cloud vetting process error - check_for_vulnerable_javascript_library_usage?

arjitg
Explorer

Hi All,  We have our custom app and while performing the cloud vetting process on that app, we are getting the following error mentioned below.  We have already updated the Jquery in all our XML (version="1.1") . The error doesnt show the name of the file but we suspect it might be caused by one of the visualization JS files not related to XML. What best can be done to resolve these errors ?  Thanks.  

  • check_for_vulnerable_javascript_library_usage
    3rd party CORS request may execute
    parseHTML() executes scripts in event handlers
    jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
    Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
    Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
  • 3rd party CORS request may execute
    parseHTML() executes scripts in event handlers
    jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
    Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
    Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
    XSS in the `of` option of the `.position()` util
    XSS Vulnerability on text options of jQuery UI datepicker
    XSS in the `altField` option of the Datepicker widget
  • Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
    Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
Labels (3)
0 Karma
Get Updates on the Splunk Community!

Routing Data to Different Splunk Indexes in the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. The OpenTelemetry project is the second largest ...

Getting Started with AIOps: Event Correlation Basics and Alert Storm Detection in ...

Getting Started with AIOps:Event Correlation Basics and Alert Storm Detection in Splunk IT Service ...

Register to Attend BSides SPL 2022 - It's all Happening October 18!

Join like-minded individuals for technical sessions on everything Splunk!  This is a community-led and run ...