Vulnerability : TCP timestamps and jQuery<1.9.0 XSS Vulnerability


#1

Hi all,

I have used openvas to scan my system and received information about 2 vulnerability : TCP timestamps and jQuery<1.9.0 XSS Vulnerability.
With TCP timestamps vulnerability, I have seen it on esxi ver 6.5 and no solution to solved it.
With jQuery<1.9.0 XSS Vulnerability, my system have used jQuery version 2.1.4 but still received imformation about it.
Please help me to resolve these problems.
Thank everyone very much


#2

For the TCP timestamps vulnerability please consult the manual or support of your operating system on how to migate this vulnerability. A mitigation for this highly depends on the used environment and because of this no specific mitigation can be provided here.

For the jQuery vulnerability have a look at the output of the Detection-VT gb_jquery_detect.nasl (OID: 1.3.6.1.4.1.25623.1.0.141622) which provides the output on where your system is using a jQuery version lower then 1.9.0.