View Issue Details

Jump to NotesJump to History
This bug affects 1 person(s).
 252
IDProjectCategoryView StatusDate SubmittedLast Update
20013Bug reportsSecuritypublic2025-03-15 17:522025-03-17 08:58
Reportertibor.pacalat Assigned Tokfoster  
PrioritynoneSeverityminor 
Status assignedResolutionopen 
Product Version6.6.x 
Summary20013: Update VueJs
Description

The identified library vue, version 2.6.14 is vulnerable.
CVE-2024-9506
https://github.com/vuejs/core https://github.com/advisories/GHSA-5j4c-8p2g-v4jx https://www.herodevs.com/vulnerability-directory/cve-2024-9506 https://nvd.nist.gov/vuln/detail/CVE-2024-9506

Affected URL example: https://*****/tmp/assets/*****/build.min/js/adminsidepanel.js

We need to upgrade to the latest version of the affected library.

Steps To Reproduce

Steps to reproduce

(Replace this text with detailed step-by-step instructions on how to reproduce the issue)

Expected result

(Write here what you expected to happen)

Actual result

(Write here what happened instead)

TagsNo tags attached.
Bug heat252
Complete LimeSurvey version number (& build)6.12.0+250310
I will donate to the project if issue is resolvedNo
Browser
Database type & version.
Server OS (if known)
Webserver software & version (if known)
PHP Version.

Relationships

Relationship GraphDependency Graph
related to 20015 new JQuery and Vue Version Vulnerability 

Users monitoring this issue

mk534

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2025-03-15 17:52 tibor.pacalat New Issue
2025-03-15 17:54 tibor.pacalat Assigned To => kfoster
2025-03-15 17:54 tibor.pacalat Status new => assigned
2025-03-17 07:15 mk534 Issue Monitored: mk534
2025-03-17 07:15 mk534 Bug heat 250 => 252
2025-03-17 08:58 DenisChenu Relationship added related to 20015