Dear FreePBX,
We have FreePBX 15.0.17.53 and JQuery 1.11.3.
We have a task from our security department to update JQuery to a version higher then 3.7, as older versions have XSS vulnerabilities.
Is it true? Does FreePBX has any options to address this issue?
Should we update our FreePBX to fix this problem and to what version should we update?
15 is on CentOS which isn’t getting any updates anymore, so yeah you should upgrade to 17 on Debian in my opinion.
Dear Eris,
Thanks for your response. Anyway, is the FreePBX version 17 is using Jquery version higher then 3.17?
According to Github[1] the current version in use is 3.6.0
[1] framework/amp_conf/htdocs/admin/assets/js at release/17.0 · FreePBX/framework · GitHub
1 Like