https://cgit.drupalcode.org/bootstrap/tree/js/modal.js#n139

Due to the Bootstrap Modal jQuery UI Bridge code, this project overrides Bootstrap's normal Modal API with its own handler. This code needs to reflect the changes that were made upstream: https://github.com/twbs/bootstrap/pull/23687/files#diff-452a8aa82569876b...

Since the upstream vulnerability is already within the public domain, there is no need to keep this as a separate security issue.

CommentFileSizeAuthor
#2 2999163-2.patch1.64 KBmarkhalliwell

Comments

markcarver created an issue. See original summary.

markhalliwell’s picture

markhalliwell
Primary language English
commented
Status: Active » Fixed
StatusFileSize
new 2999163-2.patch1.64 KB

  • markcarver committed a68edd1 on 8.x-3.x 
    Issue #2999163 by markcarver, Gomez_in_the_South: XSS vulnerability in...

markcarver credited Gomez_in_the_South.

markhalliwell’s picture

markhalliwell
Primary language English
commented

markcarver committed fcdfc46 on 7.x-3.x

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.