Jquery upgradation for Owncloud

how to upgrade jquery to the latest version for owncloud??

Hello,

please add more information and background to your question.

I would imagine that you can update a package just by updating the package with your linux package manager.

Best Regards

Dmitry

Jquery is vulnerable in owncloud. SO our infosec team is suggesting upgrading the jquery to the latest version… SO kindly guide me how to upgrade the jquery…

Thanks in advance

"According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater
than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross-site scripting vulnerabilities.

Hello,

Can you check if the vulnerability really exist in the code or if it was just noticed by a version scanner?

ownCloud fixes all known vulnerabilities in it’s code but we don’t release a new version of that code component.

2 Likes

I can confirm that the team is continuously working on such issues, see https://github.com/owncloud/core/issues/37463 as a reference.

So only when a diagnosis tool tells a version is vulnerable, this does not mean the vulnerability itself is there. So ask your infosec team if they only had been looking at package versions or if they really detected a vulnerability.

If the latter is the case, have your infosec team follow the instructions at https://owncloud.com/security/

1 Like