Erlend Oftedal

There is https://retire.insecurity.today Currently there is not scanner like what you are describing. There are plugins for the OWASP ZAP and Burp Scanners, but I've been considering creating a docker...

We could add unique identifiers to all of them. Currently "summary" feels a bit misplaced, but I am hesitant to move it, because previous versions are now using the same...

There is another problem here also. For jQuery, to of the vulns in the list is actually the same vuln, but with different version ranges. This is also a weakness...

Thanks, that makes sense. But shouldn't all 1.x versions really be flagged if the product is out of support?

Ah, right. We could just say 1.999 then, as that will never happen.

Wondering what severity we should set on this. I was originally thinking "medium", but maybe "low" is better. This isn't exactly a defined vulnerability. Setting it to medium could trigger...

It’s in there with «Low» now

I have not experienced this problem before. However there are some issues with the way it chrome works internally. It's best to keep developer tools open and check disable cache...

Ah, ok. The Firefox plugin is not getting much love... It was contributed by someone else and I haven't had the time to work on keeping it up to date...

@anantshri @thomasandersen Any chance any of you could take a look at this?