jquery-lts
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 1 deletion b/‎.gitignore‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎README.md‎
Lines changed: 4 additions & 1 deletion b/‎README.md‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎security/1.2.7-sec/index-1.2.6.html‎
Lines changed: 28 additions & 0 deletions b/‎security/1.2.7-sec/index-1.2.6.html‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎security/1.2.7-sec/index-1.2.7-sec.html‎
Lines changed: 28 additions & 0 deletions b/‎security/1.2.7-sec/index-1.2.7-sec.html‎
Lines changed: 28 additions & 0 deletions
@@ -25,7 +25,7 @@ npm-debug.log*
 !/dist-module/jquery.node-module-wrapper.slim.js
 
 /external
-/node_modules
+node_modules
 
 /test/data/core/jquery-iterability-transpiled.js
 /test/data/qunit-fixture.js
@@ -34,7 +34,7 @@ In a perfect world, at least every MAJOR EOL jQuery release line would have a se
 
 | jQuery version | jQuery-sec version | Branch      | PR             | Release | CVEs Patched                                                                                                                         |
 | -------------- | ------------------ | ----------- | -------------- | ------- | ------------------------------------------------------------------------------------------------------------------------------------ |
-| `1.2.6`        | `1.2.7-sec`        | [1.2.7-sec] | [PR][1.2.7-pr] |         | [CVE-2011-4969] \| [CVE-2012-6708] \| [CVE-2015-9251] \| [CVE-2019-11358] \| [CVE-2020-7656] \| [CVE-2020-11022] \| [CVE-2020-11023] |
+| `1.2.6`        | `1.2.7-sec`        | [1.2.7-sec] | [PR][1.2.7-pr] |         | [CVE-2011-4969] \| [CVE-2012-6708] \| <del>CVE-2015-9251</del>* \| [CVE-2019-11358] \| [CVE-2020-7656] \| [CVE-2020-11022] \| [CVE-2020-11023] |
 | `1.3.2`        | `1.3.3-sec`        |             |                |         | [CVE-2011-4969] \| [CVE-2012-6708] \| [CVE-2015-9251] \| [CVE-2019-11358] \| [CVE-2020-7656] \| [CVE-2020-11022] \| [CVE-2020-11023] |
 | `1.4.4`        | `1.4.5-sec`        |             |                |         | [CVE-2011-4969] \| [CVE-2012-6708] \| [CVE-2015-9251] \| [CVE-2019-11358] \| [CVE-2020-7656] \| [CVE-2020-11022] \| [CVE-2020-11023] |
 | `1.5.2`        | `1.5.3-sec`        |             |                |         | [CVE-2011-4969] \| [CVE-2012-6708] \| [CVE-2015-9251] \| [CVE-2019-11358] \| [CVE-2020-7656] \| [CVE-2020-11022] \| [CVE-2020-11023] |
@@ -44,6 +44,9 @@ In a perfect world, at least every MAJOR EOL jQuery release line would have a se
 | `1.12.4`       | `1.12.5-sec`       |             |                |         | [CVE-2015-9251] \| [CVE-2019-11358] \| [CVE-2020-11022] \| [CVE-2020-11023]                                                          |
 | `2.2.4`        | `2.2.5-sec`        |             |                |         | [CVE-2015-9251] \| [CVE-2019-11358] \| [CVE-2020-11022] \| [CVE-2020-11023] \| [CVE-2020-23064]                                      |
 
+> [!IMPORTANT]
+> *CVE-2015-9251 is not reproducible in `1.2.6`
+
 > [!NOTE]
 > The 3.x release line is currently supported by jQuery, so we have no need to provide patched versions of 3.x at this time. jQuery 3.5 introduced a breaking change, but it was necessary to fix CVE-2020-11022 and CVE-2020-11023. However, since these vulnerabilities are present in virtually all versions of jQuery, there would be no value in providing a patched version of 3.4 as it would need to include that breaking change anyway.
 
 
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="X-UA-Compatible" content="ie=edge" />
+    <title>jQuery Security Acceptance Tests</title>
+    <link rel="stylesheet" href="styles.css" />
+    <script src="jquery-1.2.6.js"></script>
+    <script src="main.js"></script>
+  </head>
+  <body>
+		<div id="grid">
+			<div id="button-container">
+				<button type="button" onclick="CVE_2012_6708();">CVE-2012-6708</button>
+				<button type="button" onclick="CVE_2015_9251();">CVE-2015-9251</button>
+				<button type="button" onclick="CVE_2019_11358();">CVE-2019-11358</button>
+				<button type="button" onclick="CVE_2020_7656();">CVE-2020-7656</button>
+				<button type="button" onclick="CVE_2020_11022();">CVE-2020-11022</button>
+				<button type="button" onclick="CVE_2020_11023();">CVE-2020-11023</button>
+			</div>
+			<div id="log">
+
+			</div>
+		</div>
+    <div id="yee"></div>
+  </body>
+</html>
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="X-UA-Compatible" content="ie=edge" />
+    <title>jQuery Security Acceptance Tests</title>
+    <link rel="stylesheet" href="styles.css" />
+    <script src="jquery-1.2.7-sec.js"></script>
+    <script src="main.js"></script>
+  </head>
+  <body>
+		<div id="grid">
+			<div id="button-container">
+				<button type="button" onclick="CVE_2012_6708();">CVE-2012-6708</button>
+				<button type="button" onclick="CVE_2015_9251();">CVE-2015-9251</button>
+				<button type="button" onclick="CVE_2019_11358();">CVE-2019-11358</button>
+				<button type="button" onclick="CVE_2020_7656();">CVE-2020-7656</button>
+				<button type="button" onclick="CVE_2020_11022();">CVE-2020-11022</button>
+				<button type="button" onclick="CVE_2020_11023();">CVE-2020-11023</button>
+			</div>
+			<div id="log">
+
+			</div>
+		</div>
+    <div id="yee"></div>
+  </body>
+</html>