Note that this does not affect jQuery Core which is still actively maintained. We’ll also try to fix important regressions from jQuery UI 1.12.1 older long-standing bugs may not get fixed. Please remember jQuery UI is in a maintenance state: we’ll make sure the library is compatible with new jQuery releases and that security issues are fixed but no new significant feature work is planned.
XSS when refreshing a checkboxradio with an HTML-like initial text label.More details about the security issue fixed: Built jQuery UI files are now included in the npm package this was important to some CDNs that rely on it as the source of truth. It includes a security fix for the Checkboxradio widget, a few localization updates for Datepicker and some fixes for issues submitted by the community. We’re happy to announce the second patch release to jQuery 1.13 is out. Posted on Jby Michał Gołębiowski-Owczarek
0 kommentar(er)
