XSS vulnerability for Primeface

UI Components for JSF
Post Reply
Posts: 1
Joined: 19 Apr 2017, 11:07

19 Apr 2017, 11:10

XSS vulnerability for Primeface, will this resolve in Elite version? What is the resolution for us in getting rid of XSS security vulnerability.
The version of jQuery 1.11.0 contains well-known vulnerabilities which may lead to cross-site scripting and credential/session theft. The following functions are known to be vulnerable. Can check which Primeface version will resolve this?
1) ""location.hash""
2) ""id""
3) ""class""
4) "":first""
5) ""document.referrer"""

User avatar
Posts: 616
Joined: 22 Apr 2013, 15:48

20 Apr 2017, 02:22

You can read about this issue here:

PrimeFaces Extensions Developer
GitHub Profile: https://github.com/melloware
PrimeFaces Elite 6.2 / PF Extensions 6.2.3

Post Reply
  • Information
  • Who is online

    Users browsing this forum: Baidu [Spider], Bing [Bot] and 15 guests