https://cgit.drupalcode.org/bootstrap/tree/js/modal.js#n139

Due to the Bootstrap Modal jQuery UI Bridge code, this project overrides Bootstrap's normal Modal API with its own handler. This code needs to reflect the changes that were made upstream: https://github.com/twbs/bootstrap/pull/23687/files#diff-452a8aa82569876b...

Since the upstream vulnerability is already within the public domain, there is no need to keep this as a separate security issue.

CommentFileSizeAuthor
#2 2999163-2.patch1.64 KBmarkhalliwell
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

markcarver created an issue. See original summary.

markhalliwell’s picture

markhalliwell
Primary language English
CreditAttribution: markhalliwell at Tag1 Consulting commented
Status: Active » Fixed
FileSize
2999163-2.patch1.64 KB

  • markcarver committed a68edd1 on 8.x-3.x 
    Issue #2999163 by markcarver, Gomez_in_the_South: XSS vulnerability in...

markcarver credited Gomez_in_the_South.

markhalliwell’s picture

markhalliwell
Primary language English
CreditAttribution: markhalliwell at Tag1 Consulting commented

markcarver committed fcdfc46 on 7.x-3.x

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.