0

We use jquery.mobile-1.1.1.min.js in our application. Burp scan found Link manipulation (DOM-based) vulnerability in jquery.mobile-1.1.1.min.js:

[SNIP]

<a href='testurl' />").prependTo(e)[0].href;c[0].href=h||location.pathname;d&&d.remove();return f.indexOf(b)===0}(),cssPointerEvents:function(){var a=k.createElement("x"),b=k.documentElement,
c=t.getComputedStyle;if(!("pointerEvents"in a.style))return false;a.style.pointerEve

Issue detail

The application may be vulnerable to DOM-based link manipulation. Data is read from location.pathname and passed to the 'href' property of a DOM element via the following statement: c[0].href=h||location.pathname;

Could you tell me if there is real vulnerability in the jquery source code and bug is needed for jquery or there is just false positive finding of Burp Scan?

Thanks.

Twisty
  • 30,304
  • 2
  • 26
  • 45
Togi
  • 27
  • 1
  • 5
  • 1
    That is waaaaaaaaaay too old version of jQuery Mobile, not to mention jQuery Mobile is old like cosmos. On the other hand that is a real bug in jQuery Mobile, that's why I'm advising you to use a newer version. The version you are using was created on July 12, 2012, almost 6.5 years ago. – Gajotres Jan 17 '19 at 16:40
  • @Gajotres thank you very much. That is right, upgrade of jQuery Mobile fixed the issue. But I have the same vulnerability found in the last version of jquery.js https://stackoverflow.com/questions/53431519/jquery-security-issue-link-manipulation-dom-based Do not you have any comments? – Togi Jan 21 '19 at 05:41
  • @Togi any time you pull data from url path, you open up the code to being vulnerable to script injection. – Twisty Jan 22 '19 at 18:20

0 Answers0