NetTalk Central

NetTalk Web Server => Web Server - Ask For Help => Topic started by: rupertvz on October 21, 2022, 04:32:23 AM

Title: IT Audit Report
Post by: rupertvz on October 21, 2022, 04:32:23 AM

Hi Guys,

Our client raised a JQuery concern with a NetTalk Server, version 11.45.

Any advise to fix this will be appreciated,


"The remote web server is affected by multiple cross site scripting
vulnerability."   "According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater
than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.

Upgrade to JQuery version 3.5.0 or later.

Title: Re: IT Audit Report
Post by: Jane on October 21, 2022, 07:35:57 AM

My NT 12.47 apps report 3.6.0 
console.log(jQuery().jquery);

The History in the docs says that update to 3.6.0 was as of 12.33 last December.

As Bruce often says, security is not a "one and done" affair.  I'd suggest upgrading.

Cheers,

Jane

Title: Re: IT Audit Report
Post by: urayoan on October 21, 2022, 12:22:13 PM

Like Jane said, is better to upgrade and gain other security features that are included in recent versions of NetTalk than try to fix an outdated version itself.

Title: Re: IT Audit Report
Post by: Bruce on October 23, 2022, 11:42:05 PM

<< Any advise to fix this will be appreciated,

update the program to use NetTalk 12.

cheers
Bruce

Title: Re: IT Audit Report
Post by: rupertvz on October 24, 2022, 01:41:01 AM

Hi Bruce,

Thank you, when will NetTalk 12 turn to gold release?

Title: Re: IT Audit Report
Post by: Bruce on October 26, 2022, 04:29:16 AM

"gold" is a meaningless term.
NT 12 has been used in productions systems for a couple years now.

Cheers
Bruce