We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Lightbox2 version 2.11.3 uses JQuery 3.4.1 which has two XSS vulnerabilities:
https://snyk.io/test/npm/jquery/3.4.1
This means that the https://github.com/lokesh/lightbox2/blob/dev/dist/js/lightbox-plus-jquery.min.js file contains the outdated library.
As a workaround, I downloaded the solution and used bower to pull in the latest JQuery, and hosted it myself instead of using the CDN.
No code changes are required, just putting out a new build that uses JQuery 3.6.0 would sort it.
The text was updated successfully, but these errors were encountered:
Resolved in v2.11.4: https://github.com/lokesh/lightbox2/releases/tag/v2.11.4
Sorry, something went wrong.
No branches or pull requests
Lightbox2 version 2.11.3 uses JQuery 3.4.1 which has two XSS vulnerabilities:
https://snyk.io/test/npm/jquery/3.4.1
This means that the https://github.com/lokesh/lightbox2/blob/dev/dist/js/lightbox-plus-jquery.min.js file contains the outdated library.
As a workaround, I downloaded the solution and used bower to pull in the latest JQuery, and hosted it myself instead of using the CDN.
No code changes are required, just putting out a new build that uses JQuery 3.6.0 would sort it.
The text was updated successfully, but these errors were encountered: