Maximebf Debugbar vulnerabilities
2 known vulnerabilities affecting maximebf/debugbar.
Total CVEs: 2
CISA KEV: 0
Public exploits: 2
Exploited in wild: 2
Severity breakdown: MEDIUM 2
Vulnerabilities
CVE-2020-11022 | MEDIUM | Exploited | PoC | affected versions ≥ 0, < 1.19.0 | 2020-04-29
CVE-2020-11022 [MEDIUM] CWE-79 Potential XSS vulnerability in jQuery
### Impact
Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. `.html()`, `.append()`, and others) may execute untrusted code.
### Patches
This problem is patched in jQuery 3.5.0.
### Workarounds
To work around the issue without upgrading, add the following to your code:
```js
// Override jQuery's HTML prefilter with an identity function. In jQuery < 3.5.0 the
// default prefilter rewrote self-closing tags with a regex, so markup that had already
// been sanitized could be transformed into something different before insertion into
// the DOM. Returning the input unchanged matches the behaviour jQuery 3.5.0 ships by default.
jQuery.htmlPrefilter = function( html ) {
	return html;
};
```
CVE-2019-11358 | MEDIUM | Exploited | PoC | affected versions ≥ 0, < 1.19.0 | 2019-04-26
CVE-2019-11358 [MEDIUM] CWE-1321 XSS in jQuery as used in Drupal, Backdrop CMS, and other products
jQuery from 1.1.4 until 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles `jQuery.extend(true, {}, ...)` because of `Object.prototype` pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype`.