Nagios systems being flagged for old version of jQuery

rferebee · Post by **rferebee** » Wed Sep 08, 2021 10:59 am

Good morning Nagios team,

Recently our Nagios hosts were flagged during a vulnerability scan for having an outdated version of jQuery installed.

'JQuery 1.2 < 3.5.0 Multiple XSS'

I'm wondering if there is anything we can do to address this, so the hosts don't keep showing up in the scans. I found another forum post where one of the Nagios support folks mentioned that XI uses two different versions of jQuery. One for the GUI (newer) and one for running reports (older).

Basically, I just need to know if we can update the version of jQuery that Nagios is using or if we need to file for an exception with our ISO.

Thank you.

benjaminsmith · Post by **benjaminsmith** » Thu Sep 09, 2021 1:45 pm

Hi,

That's correct. There is an older version of jquery that runs in the back end to create pdfs, updating this would cause issues with reports. The newer version, 3.5.1, is used in the GUI itself.

Let me know if you have more questions.

Thanks

rferebee · Post by **rferebee** » Fri Sep 10, 2021 11:32 am

That's all I needed to know. Thank you very much.

You can lock this.

benjaminsmith · Post by **benjaminsmith** » Fri Sep 10, 2021 1:06 pm

That's all I needed to know. Thank you very much.

Your welcome!

Have a great weekend.

Nagios Support Forum

Nagios systems being flagged for old version of jQuery

Nagios systems being flagged for old version of jQuery

Re: Nagios systems being flagged for old version of jQuery

Re: Nagios systems being flagged for old version of jQuery

Re: Nagios systems being flagged for old version of jQuery