Prototype JS CVE in SmokePing

Question

Prototype JS CVE in SmokePing

isfahany opened this issue 2 years ago · 2 comments

Hi, I think that smokeping is using vulnerable Javascript Framework (Prototype JS 1.7.3)
it is assigned as vulnerable in CVE-2020-27511/

the worse part is Prototype JS is obselete and not updating anymore

is there any possibilities that SmokePing change this Framework?

Answer 1 · 2022-01-13T16:31:25.000Z

since smokeping does not use any authentication, I can not imagine a scenario where a vulnerability in a js fw has any bearing on smokeping ... that said, I would be glad to update the support for interactive charts in smokeping ... if there were any sponsors :)

Answer 2 · 2022-04-14T04:31:12.000Z

This issue has become stale and will be closed automatically within 7 days. Comment on the issue to keep it alive.