comments (not for humans)
After working on retire.js I decided to take it for a real test run. I setup a node script with phantomjs and scanned the landing page of 150,000 Norwegian domains. These are the results. You will find that a lot of sites are using really old versions of libraries with known vulnerabilities (red means the library has known vulnerabilities). I think this supports the idea that most sites have the jQuery version that was available when the site was first made. Oh, and using a vulnerable library does not necessarily mean the site is vulnerable, but it might be.

Updated 8th of February, 2014:


jQuery is a very widely used library. I was surprised however to find so many different and old versions in use

jQuery UI

Loads of different versions


Betas and release candidates in use here


The Yahoo User Interface Library is also quite widely used


Quite a number of versions in use


comments powered by Disqus