Login
    Contents x
    Pharos Response to jQuery Vulnerability (CVE-2020-11023) - June 2022
    • 05 Apr 2024
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Pharos Response to jQuery Vulnerability (CVE-2020-11023) - June 2022

    • Updated on 05 Apr 2024
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Background:

    It was recently discovered that the Pharos Sentry Base component of Uniprint and Blueprint uses an outdated version of jQuery and is therefore susceptible to CVE-2020-11023. The problem is patched in jQuery 3.5.0. Details regarding this vulnerability, which has a CVSS score of 6.1 (Medium), can be found in the  NIST NVD.

    Pharos response:

    Pharos has updated Sentry Base to 2.0.8, which replaces jQuery 1.11.1 with version 3.6.0. The installer and patch are available now. We recommend all customers using Sentry Base with Uniprint or Blueprint update to the latest version. Pharos Cloud is not impacted.

    Was this article helpful?
    Related articles
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout