Kryptronic Software Support Forum

You are viewing this forum as a guest. Login to an existing account, or create a new account, to reply to topics and to create new topics.

#1 11-17-2020 04:17:13

sdn
Member
From: UK
Registered: 05-29-2007
Posts: 840

jQuery 3.3.1 Reported as Vulnerable

We ran a page test on our site using https://www.webpagetest.org and it came back with all A's apart from Security score of B.

It said jquery 3.3.1 is vulnerable and should upgrade to 3.4.0 or later (which also has issues acording to https://snyk.io/vuln/npm:jquery).

Is that a case of simply uploading a newer version of jquery to "public_html/media/jquery" or would doing so break bits of K9?

Will it be addressed by the imminent K9 update?

Last edited by sdn (11-17-2020 04:19:26)


Simon

Offline

 

#2 11-17-2020 08:03:08

webmaster
Administrator
From: York, PA
Registered: 04-20-2001
Posts: 19577
Website

Re: jQuery 3.3.1 Reported as Vulnerable

We will be packaging the latest jQuery with 9.0.4.  That's usually updated when a new release comes out.  Replacing jQuery in your install will *probably* work, but I'd recommend having us test it first in conjunction with the pending update.


Nick Hendler

Offline

 

Board footer