Last Updated: 13 Dec 2018 16:58 by ADMIN
Created by: Stefan
Comments: 1
Category: ScriptManager
Type: Feature Request
During penetration tests we have to let carry out we allways run into problems with version disclosures originating from the embedded scripts and the Telerik.Web.UI.
To keep updates of the telerik components easy and to stay out of version incompatibilities we would like to keep using the embedded scripts.
Atm this is even more unlucky because the still, or again, used JQuery version 1.12.4 is known to be vulnerable to Cross-site Scripting (XSS) attacks.

Our request would now be to at least remove the version comments from the embedded script files and the exact version of the Telerik.Web.UI in the links created to the Webresource.axd.