A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to Cross-site scripting (XSS) attack via the initialization of a check-box-radio widget on an input tag enclosed within a label, leading to the parent label contents being considered as the input label.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2022-7291b78111
Please login to add feedback.