Prototype JS CVE in SmokePing
isfahany opened this issue · 2 comments
isfahany commented
Hi, I think that smokeping is using vulnerable Javascript Framework (Prototype JS 1.7.3)
it is assigned as vulnerable in CVE-2020-27511/
the worse part is Prototype JS is obselete and not updating anymore
is there any possibilities that SmokePing change this Framework?
oetiker commented
since smokeping does not use any authentication, I can not imagine a scenario where a vulnerability in a js fw has any bearing on smokeping ... that said, I would be glad to update the support for interactive charts in smokeping ... if there were any sponsors :)
github-actions commented
This issue has become stale and will be closed automatically within 7 days. Comment on the issue to keep it alive.