Start a conversation

SOAPam Server: Control Panel jQuery update


The SOAPam Server Control Panel uses the jQuery JavaScript library. A security vulnerability has been identified in the jQuery version used by the Control Panel. 

Advisory Release Date

June 10, 2019

Affected Versions

All through 3.1.6

Fixed Versions


The jQuery vulnerability is described here:

The vulnerability was corrected in jQuery version 3.4.0. The jQuery release notes can be found here:

Although SOAPam Server does not directly use the jQuery.extend() function, a hotfix is available which updates the jQuery script files stored in the VFS. to version 3.4.1. Note that this hotfix is for the 3.1.6 release only. If you would like a hotfix prepared for another release, please open a support case and let us know the release you're using.

Hotfix Installation

Install the hotfix by following these steps:

  1. Download the hotfix PAK file using the link below and transfer the file to your NonStop system.
  2. Unpak the hotfix PAK file, which contains the following VFS image file:
  3. Update the VFS with the hotfix files using the following VFSMGR command:
    1. tacl>run vfsmgr -vfs <vfs-subvol> -put folder hfimage / !
  4. Refresh any browser running the Control Panel to refresh the jQuery files.
Choose files or drag and drop files
Was this article helpful?
Please sign in to comment