2.2.6 - June 11, 2024
Notes
- This release was the first release in the 2.2.x NES line where the Semantic Versioning was updated.
Full Version: 2.2.4-jquery-2.2.6
Bug Fixes
- Removed doc references to outdated and now malicious site (BDSA-2021-3651)
2.2.5 - March 7, 2024
Notes
- This release originates from an open-source jQuery repository forked by HeroDevs. It encompasses modifications implemented by HeroDevs to ensure successful building.
Full Version: 2.2.5
Bug Fixes
- Prevent auto-execution of scripts when no explicit dataType was provided
- This fixes a Moderate Severity Cross-Site Scripting (XSS) vulnerability (CVE-2015-9251)
- Prevent Object.prototype pollution
- This fixes a Moderate Severity Cross XSS in jQuery vulnerability (CVE-2019-11358)
- Prevent passing of HTML from untrusted sourcesĀ
- This fixes a Moderate Severity Potential XSS vulnerability (CVE-2020-11022)
- Prevent passing of HTML from untrusted sources
- This fixes a Moderate Severity Potential XSS vulnerability (CVE-2020-11023)