XSS vulnerability for Primeface

Components, Ajax Framework, Utilities and More.
Post Reply
Posts: 1
Joined: 19 Apr 2017, 11:07

19 Apr 2017, 11:10

XSS vulnerability for Primeface, will this resolve in Elite version? What is the resolution for us in getting rid of XSS security vulnerability.
The version of jQuery 1.11.0 contains well-known vulnerabilities which may lead to cross-site scripting and credential/session theft. The following functions are known to be vulnerable. Can check which Primeface version will resolve this?
1) ""location.hash""
2) ""id""
3) ""class""
4) "":first""
5) ""document.referrer"""

User avatar
Posts: 163
Joined: 22 Apr 2013, 15:48

20 Apr 2017, 02:22

You can read about this issue here:

PrimeFaces Extensions Developer
GitHub Profile: https://github.com/melloware
PrimeFaces 6.1 / PF Extensions 6.1.0

Post Reply
  • Information
  • Who is online

    Users browsing this forum: Bing [Bot], Google [Bot], Yahoo [Bot] and 9 guests