[Snyk] Security upgrade requests from 2.31.0 to 2.32.4

[TheRedHatter]

Snyk has created this PR to fix 1 vulnerabilities in the pip dependencies of this project.

Snyk changed the following file(s):

• vendor/guzzlehttp/guzzle/docs/requirements.txt

⚠️ Warning

sphinx 5.3.0 requires requests, which is not installed.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.
• Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[TheRedHatter]

Checkmarx One – Scan Summary & Details – e1906e62-f084-46b3-8508-b1751b02eedc

New Issues (50)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	Client_DOM_Stored_XSS	/web/amf_back_office/js/amfphp_updates.js: 38	details The method showVersionComparison embeds untrusted data in generated output with html, at line 27 of /web/amf_back_office/js/amfphp_updates.js.... ID: x3jRZrYyUgdn3chKpYReciIkpmQ%3D Attack Vector
	Client_DOM_XSS	/web/amf_back_office/js/amfphp_updates.js: 38	details The method showVersionComparison embeds untrusted data in generated output with html, at line 27 of /web/amf_back_office/js/amfphp_updates.js.... ID: 1Vgrakerf%2FhknJcTKBbMmC5ATZ0%3D Attack Vector
	Dangerous_File_Inclusion	/classes/App/Admin/Controller/Vulnerability.php: 53	details The application loads an external library or source code file using include, at line 62 of /modules/vulninjection/classes/VulnModule/Storage/PHPFil... ID: oz8GIhvrl%2B8x%2BJFLymIQ4l9XAjk%3D Attack Vector
	Reflected_XSS	/classes/App/Admin/Controller/Vulnerability.php: 53	details The method buildContextFromArray embeds untrusted data in generated output with ThrowExpr, at line 93 of /modules/vulninjection/classes/VulnModule/... ID: UWls7zDAun6Bce8ZJGxmDZK1L4A%3D Attack Vector
	Relative_Path_Traversal	/classes/App/Admin/Controller/Vulnerability.php: 53	details Method action_index at line 53 of /classes/App/Admin/Controller/Vulnerability.php gets dynamic data from the get element. This element’s value t... ID: Yum9QvxzREBZzIgzNl2ioPb3N9E%3D Attack Vector
	Relative_Path_Traversal	/classes/App/Admin/Controller/Vulnerability.php: 53	details Method action_index at line 53 of /classes/App/Admin/Controller/Vulnerability.php gets dynamic data from the get element. This element’s value t... ID: r6BNpxZ4drYGHHtILaPbsbS22WM%3D Attack Vector
	Relative_Path_Traversal	/classes/App/Admin/Controller/Vulnerability.php: 53	details Method action_index at line 53 of /classes/App/Admin/Controller/Vulnerability.php gets dynamic data from the get element. This element’s value t... ID: hdFeQYy%2F32Kfx3hglpz0WuM3Ers%3D Attack Vector
	Relative_Path_Traversal	/classes/App/Admin/Controller/Vulnerability.php: 53	details Method action_index at line 53 of /classes/App/Admin/Controller/Vulnerability.php gets dynamic data from the get element. This element’s value t... ID: eDVPTtLvYSc9PZASWVnzcW09Meg%3D Attack Vector
	Relative_Path_Traversal	/classes/App/Admin/Controller/Vulnerability.php: 69	details Method action_index at line 69 of /classes/App/Admin/Controller/Vulnerability.php gets dynamic data from the get element. This element’s value t... ID: zefDwIlpkYfo%2BS9WW4CwSvyDkWs%3D Attack Vector
	Relative_Path_Traversal	/classes/App/Admin/Controller/Vulnerability.php: 53	details Method action_index at line 53 of /classes/App/Admin/Controller/Vulnerability.php gets dynamic data from the get element. This element’s value t... ID: 3aPv1LB%2BRBNmkkrzbfmUaQ%2FqA0A%3D Attack Vector
	HttpOnly_Cookie_Flag_Not_Set	/web/amf_back_office/js/amfphp_updates.js: 34	details The web application's Lambda method creates a cookie cookie, at line 34 of /web/amf_back_office/js/amfphp_updates.js, and returns it in the res... ID: zgAKBPOCQX1ZGKH506AoOMOm%2Fts%3D Attack Vector
	HttpOnly_Cookie_Flag_Not_Set	/web/amf_back_office/js/amfphp_updates.js: 38	details The web application's Cx9e61ae35 method creates a cookie cookie, at line 38 of /web/amf_back_office/js/amfphp_updates.js, and returns it in the... ID: 18JQuXxLcyBiRLjd7WwuGoAszB8%3D Attack Vector
	HttpOnly_Cookie_Flag_Not_Set	/web/amf_back_office/js/amfphp_updates.js: 77	details The web application's Cx9e61ae35 method creates a cookie cookie, at line 77 of /web/amf_back_office/js/amfphp_updates.js, and returns it in the... ID: eoQgtyjjXdtq%2B09QcFqTTZQ12%2Fw%3D Attack Vector
	HttpOnly_Cookie_Flag_Not_Set	/web/amf_back_office/js/amfphp_updates.js: 91	details The web application's Cx9e61ae35 method creates a cookie cookie, at line 91 of /web/amf_back_office/js/amfphp_updates.js, and returns it in the... ID: QG1zINpN%2BqtyFccVjb%2FmNEr3kUY%3D Attack Vector
	HttpOnly_Cookie_Flag_Not_Set	/web/amf_back_office/js/sb.js: 80	details The web application's Lambda method creates a cookie cookie, at line 80 of /web/amf_back_office/js/sb.js, and returns it in the response. Howev... ID: sOSoYaYm1Ug32YyupEXO0T%2B6VsU%3D Attack Vector
	HttpOnly_Cookie_Flag_Not_Set	/web/amf_back_office/js/sb.js: 98	details The web application's setMethodDescriptionVisibility method creates a cookie cookie, at line 98 of /web/amf_back_office/js/sb.js, and returns it... ID: UqjfezJ84JLH8S9jrWmvTs52BSs%3D Attack Vector
	HttpOnly_Cookie_Flag_Not_Set	/web/amf_back_office/js/sb.js: 186	details The web application's onServicesLoaded method creates a cookie cookie, at line 186 of /web/amf_back_office/js/sb.js, and returns it in the respo... ID: sXuL%2Bf5ioRMozFQGL44fKjUys6M%3D Attack Vector
	HttpOnly_Cookie_Flag_Not_Set	/web/amf_back_office/js/sb.js: 329	details The web application's manipulateMethod method creates a cookie cookie, at line 329 of /web/amf_back_office/js/sb.js, and returns it in the respo... ID: R6rpd85ne%2FKQeDCNuW636IFhsGo%3D Attack Vector
	HttpOnly_Cookie_Flag_Not_Set	/web/amf_back_office/js/sb.js: 102	details The web application's setMethodDescriptionVisibility method creates a cookie cookie, at line 102 of /web/amf_back_office/js/sb.js, and returns i... ID: 46mDD2vMY3QjyUD%2BN1kC08AXLwQ%3D Attack Vector
	HttpOnly_Cookie_Flag_Not_Set	/web/amf_back_office/js/amfphp_updates.js: 74	details The web application's buildNewsDisplay method creates a cookie cookie, at line 74 of /web/amf_back_office/js/amfphp_updates.js, and returns it ... ID: wTu83Q1P%2FnAob7c7MW0ULx4yQ7w%3D Attack Vector
	HttpOnly_Cookie_Flag_Not_Set	/web/amf_back_office/js/amfphp_updates.js: 32	details The web application's Cx9e61ae35 method creates a cookie cookie, at line 32 of /web/amf_back_office/js/amfphp_updates.js, and returns it in the... ID: PZrDPoyMSQNj%2Bf2algHSdNXGtOw%3D Attack Vector
	Missing_HSTS_Header	/web/upload/download.php: 18	details The web-application does not define an HSTS header, leaving it vulnerable to attack. ID: s8VxCMs%2F23JHDj040xPVkyra%2F%2Fg%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 39	details The application loads an external library or source code file using "http://hackazon\.dev/js/jquery\-1\.10\.2\.js", at line 39 of /subprojects/Help... ID: 0etANxGTguJ29DW4Hdy%2Ffynf6SA%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 40	details The application loads an external library or source code file using "http://hackazon\.dev/js/jquery\-migrate\-1\.2\.1\.js", at line 40 of /subproje... ID: Pk39p5QurkiIjhxGO%2BLmehRfAXQ%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 41	details The application loads an external library or source code file using "http://hackazon\.dev/js/bootstrap\.js", at line 41 of /subprojects/Helpdesk/wa... ID: ifGhsv65B9h3myGj28NRCw5dnVE%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 42	details The application loads an external library or source code file using "http://hackazon\.dev/js/modern\-business\.js", at line 42 of /subprojects/Help... ID: NoSKfDg5kHUgBz8uWS32Dtm7FgU%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 43	details The application loads an external library or source code file using "http://hackazon\.dev/js/bootstrapValidator\.min\.js", at line 43 of /subprojec... ID: BBvFm1E9zm1VZV%2B93pwflAbT6XU%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 44	details The application loads an external library or source code file using "http://hackazon\.dev/js/spin\.min\.js", at line 44 of /subprojects/Helpdesk/wa... ID: UIoFbNw8OPmtcTiBVqO7v9ejwiU%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 45	details The application loads an external library or source code file using "http://hackazon\.dev/js/jquery\.modern\-blink\.js", at line 45 of /subprojects... ID: 55Ex8O%2FgXm%2B0rPdba5axseU%2FM3s%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 46	details The application loads an external library or source code file using "http://hackazon\.dev/js/ladda\.min\.js", at line 46 of /subprojects/Helpdesk/w... ID: rR%2FPq0qgeVt5YvYuKpUSp%2FDOBUU%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 47	details The application loads an external library or source code file using "http://hackazon\.dev/js/ladda\.jquery\.min\.js", at line 47 of /subprojects/He... ID: lTXqlVqid5kli%2FdSbFpoSf%2BSGwQ%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 49	details The application loads an external library or source code file using "http://hackazon\.dev/js/ekko\-lightbox\.js", at line 49 of /subprojects/Helpde... ID: gwEgbHsVyxQR0HNSs2J8cEvaJ7s%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 50	details The application loads an external library or source code file using "http://hackazon\.dev/js/jquery\.nivo\.slider\.pack\.js", at line 50 of /subpro... ID: sR2BdM9CWNo1BFTAjOekJ7gSucQ%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 48	details The application loads an external library or source code file using "http://hackazon\.dev/js/jquery\.inputmask\.js", at line 48 of /subprojects/Hel... ID: 6Q%2BLwiuGgfxvHCZNEpvGEHdFrYI%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 53	details The application loads an external library or source code file using "http://hackazon\.dev/js/bootstrap\.file\-input\.js", at line 53 of /subproject... ID: SXud5oOIs1WNyA590RZUhNbCgVw%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 51	details The application loads an external library or source code file using "http://hackazon\.dev/js/respond\.min\.js", at line 51 of /subprojects/Helpdesk... ID: 5%2FlfRLQsI03VPcpgqfdgOT1SQ54%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 52	details The application loads an external library or source code file using "http://hackazon\.dev/js/star\-rating\.min\.js", at line 52 of /subprojects/Hel... ID: YqLJCyNRYcAe%2Bvdo7idfJMyxnK0%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 54	details The application loads an external library or source code file using "http://hackazon\.dev/js/knockout\-2\.2\.1\.js", at line 54 of /subprojects/Hel... ID: 7MFiCkuacl5Q6sq1AEWAjQWbD1A%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 55	details The application loads an external library or source code file using "http://hackazon\.dev/js/knockout\.localStorage\.js", at line 55 of /subproject... ID: ryKQaqmgxnWLZ%2FGzlIIekKVD%2FSc%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 56	details The application loads an external library or source code file using "http://hackazon\.dev/js/koExternalTemplateEngine\_all\.min\.js", at line 56 of... ID: Ca216QrrCQ9x5ScytIfe8zZpKu4%3D Attack Vector
	Client_Dangerous_File_Inclusion	/subprojects/Helpdesk/war/Helpdesk.html: 57	details The application loads an external library or source code file using "http://hackazon\.dev/js/site\.js", at line 57 of /subprojects/Helpdesk/war/Hel... ID: Msg1enrZcMEAKn1TDBa4gxXH0Mo%3D Attack Vector
	Client_JQuery_Deprecated_Symbols	/web/js/sb-admin-2.js: 41	details Method anony_ce8f382d in /web/js/sb-admin-2.js, at line 41, calls an obsolete API, error. This has been deprecated, and should not be used in ... ID: PeQGAO0xJ0E9VdwL2EpAIDjR284%3D Attack Vector
	Client_JQuery_Deprecated_Symbols	/web/js/sb-admin-2.js: 9	details Method Lambda in /web/js/sb-admin-2.js, at line 9, calls an obsolete API, bind. This has been deprecated, and should not be used in a modern co... ID: paEKq8qhQ7yoT9E8Y217Jq%2BdHh8%3D Attack Vector
	Client_JQuery_Deprecated_Symbols	/web/amf_back_office/Profiler.php: 336	details Method addLabelListeners in /web/amf_back_office/Profiler.php, at line 336, calls an obsolete API, bind. This has been deprecated, and should n... ID: i9BotDFL48iE9SUa9xjpViKHYak%3D Attack Vector
	Client_JQuery_Deprecated_Symbols	/web/amf_back_office/js/jqplot.enhancedLegendRenderer.js: 209	details Method draw in /web/amf_back_office/js/jqplot.enhancedLegendRenderer.js, at line 209, calls an obsolete API, bind. This has been deprecated, a... ID: dXO%2F7%2BOIE107Rt7TsJr1OIsjIHA%3D Attack Vector
	Client_JQuery_Deprecated_Symbols	/web/amf_back_office/js/jqplot.enhancedLegendRenderer.js: 205	details Method draw in /web/amf_back_office/js/jqplot.enhancedLegendRenderer.js, at line 205, calls an obsolete API, bind. This has been deprecated, a... ID: AvFh%2BQzk3pi%2B%2FSRB9BZRWl7Pnjo%3D Attack Vector
	Client_JQuery_Deprecated_Symbols	/web/amf_back_office/js/dataparse.js: 35	details Method recurse in /web/amf_back_office/js/dataparse.js, at line 35, calls an obsolete API, isArray. This has been deprecated, and should not be... ID: isJs3eXKEKEpy9vhTq1z53c7JW0%3D Attack Vector
	Client_JQuery_Deprecated_Symbols	/web/amf_back_office/js/dataparse.js: 20	details Method recurse in /web/amf_back_office/js/dataparse.js, at line 20, calls an obsolete API, isArray. This has been deprecated, and should not be... ID: DbokEwuyie%2FtyQgw05pdKVujDxY%3D Attack Vector
	Unsafe_Use_Of_Target_blank	/web/amf_back_office/js/amfphp_updates.js: 70	details Using at line 70 of /web/amf_back_office/js/amfphp_updates.js, without correct... ID: dFHkPMkrxJIzjWCs0l0LKGry0oE%3D Attack Vector
	Unsafe_Use_Of_Target_blank	/web/amf_back_office/ClientGeneratorBackend.php: 46	details Using at line 46 of /web/amf_back_office/ClientG... ID: V%2F4qsgxWeHFMwFptMGcnaaV1ZYQ%3D Attack Vector

Fixed Issues (9)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	Reflected_XSS	/classes/App/Page.php: 66
	Reflected_XSS	/classes/App/Page.php: 67
	CVE-2015-9251	Npm-jquery-1.10.2
	CVE-2019-11358	Npm-jquery-1.10.2
	CVE-2019-14862	Npm-knockout-2.2.1
	CVE-2020-11023	Npm-jquery-1.10.2
	Cxb90148b9-bcbe	Npm-knockout-2.2.1
	Cxf0b588a3-5c6f	Npm-jquery-1.10.2
	Missing_HSTS_Header	/classes/App/Admin/Controller/Error.php: 25