Background:
It was recently discovered that the Pharos Sentry Base component of Uniprint and Blueprint uses an outdated version of jQuery and is therefore susceptible to CVE-2020-11023. The problem is patched in jQuery 3.5.0. Details regarding this vulnerability, which has a CVSS score of 6.1 (Medium), can be found in the NIST NVD.
Pharos response:
Pharos has updated Sentry Base to 2.0.8, which replaces jQuery 1.11.1 with version 3.6.0. The installer and patch are available now. We recommend all customers using Sentry Base with Uniprint or Blueprint update to the latest version. Pharos Cloud is not impacted.