24/7/365 access to a team of world-class, certified ethical hackers to repair and harden your website.

View Brochure
Fix me

Blog

Posted on

dotCMS v5.1.1 – Vulnerable Open Source Dependencies

dotCMS v5.1.1 suffers from several vulnerabilities due to the reliance on open source dependencies with publicly disclosed issues. These vulnerabilities are listed below: Scanning open source dependencies of dotCMS_5.1.1   /ROOT/html/js/scriptaculous/prototype.js   ↳ prototypejs 1.5.0 prototypejs 1.5.0 has known vulnerabilities: severity: high; CVE: CVE-2008-7220; http://www.cvedetails.com/cve/CVE-2008-7220/ http://prototypejs.org/2008/01/25/prototype-1-6-0-2-bug-fixes-performance-improvements-and-security/   ROOT/assets/3/6/36c22c5d-c813-4869-a4b7-fcc10a74e8b6/fileAsset/jquery.min.js   ↳ jquery 1.9.1 jquery 1.9.1 has …

Continue reading “dotCMS v5.1.1 – Vulnerable Open Source Dependencies”