cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

What is the way to upgrade jQuery libraries in an SAP UI5 Application developed in Eclipse tool?

Go to solution
former_member689364
Discoverer

on ‎07-23-2020 10:16 AM

0 Kudos

vv.pngHi Team,

During the application scan by security team we got few vulnerabilities, among which there is a vulernability realted tojavascript library( as shown in screenshot below):

1) 150162 Use of JavaScript Library with Known Vulnerability

We are unable to upgrade the library as we are not using it explicitly in our application
we also tried to upgrade the sap ui5 plugins present in the eclipse but still the issue didnt got resolved.

Kindly help us to get a way to upgrade jquery version 1.11.1 to 1.12.0.

Thanks in advance!!
Regards,

Liji Johny

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

thalesvb
Active Contributor
‎07-23-2020 10:53 AM

Hi, there is a site somewhere else explaining how to do it, even not using directly you can load it before UI5 loads its version, but there is no guarantee that your app will work without issues, since SAP validates only for that version delivered on UI5, and you'll have to deal on your own if it breaks.

If you read a bit about XSS (Cross Site Scripting) you'll find other ways to deal with it, like Content Security Policies. It'll block XSS and you don't need to worry that much about jQuery version (latest UI5 version uses 2.2.3, which is still vulnerable to XSS).

Best regards

Show replies
Show replies

Answers (1)

Answers (1)

former_member689364
Discoverer
‎07-24-2020 10:29 AM
0 Kudos

Hi Thales,
Thank you for answering!!
Issue got resolved 🙂

Show replies
Show replies
Ask a Question