Decipher Security Vulnerabilities Due to JQuery

Community
- Product Forum
  
  Get personalized help and advice from other SS&C Blue Prism users here.
- Digital Exchange
  
  Get community support for SS&C | Blue Prism® Digital Exchange assets and discuss the DX.
- SS&C Blue Prism Products
- Support Center
- Documentation
- First Steps
  
  Discover how to set up, deploy, maintain and support your SS&C | Blue Prism® Cloud or SS&C | Blue Prism® Enterprise solution.
- University Forum
  
  Upskill together with other SS&C Blue Prism learners. Share your learning objectives, get advice on courses and celebrate your latest certifications.
- Getting Started
  
  New to SS&C Blue Prism? Get advice on setup, deployment and organizational adoption.
- Blogs
  
  Your window to developer insights, customer stories, the latest company news, and more.
- Events
  
  Meet online or in person and discuss the world of intelligent automation.
- Product Ideas
  
  Submit and vote for your favorite ideas on how to improve SS&C Blue Prism products.
- Blueprints
  
  Intelligent automation use cases, shared by the teams who designed and deployed them.
- Product Research Program
  
  Help us meet your automation needs by participating in user research, beta trials and surveys.
- User Groups
  
  Find new friends and professional connections across the intelligent automation community.
- Welcome Space
  
  Find community news, activities, and tips here. You can also introduce yourself!
- Community FAQ
  
  Learn how to make the most of the SS&C Blue Prism Community.
- Community Suggestions
  
  Got an idea on how to improve the SS&C Blue Prism Community? Submit them, and vote on others, here.
- NHS Network
  
  A private area for NHS developers to network, collaborate and share best practices.
- Local Language
  
  Bienvenido! Salut! Witaj! Find intelligent automation professionals who speak your language here.
- Off-Topic Chat
  
  This space is for discussion about anything and everything – except intelligent automation!
- Local Government Network
  
  Discuss intelligent automation best practices and tactics for Local Government settings here.
- UK Higher Education Network
  
  Discuss intelligent automation best practices and tactics for Higher Education settings in the UK here.
- North America Healthcare Network
  
  Revolutionize the North American healthcare industry together with other intelligent automation professionals here. Please note: the content of this community is commercial in confidence, share with appropriate discretion.
- Meet the Team
- Meet the MVPs

Status:

Current Decipher is using jQuery 1.9, which is highlighted by our IT security team that there are some vulnerabilities that the remote web server is affected by multiple cross site scripting vulnerability. According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/

https://security.paloaltonetworks.com/PAN-SA-2020-0007

Upgrade to JQuery version 3.5.0 or later is required. Please advise on how to do that for all decipher services. I understand we need modify a few index.html files to point to the later version on JQuery.

We need a release timeline to fix the vulnerabilities before the actual implementation of Decipher.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

SS&C Blue Prism Community

Decipher Security Vulnerabilities Due to JQuery

Option to Search Process and Object in Studio & Se...

Form Design - Links on a Form

Communications Document Delivery - Ability to Dele...

Interact Form - Button Download

Alert when Bot connection lost