Skip to Content

What is the way to upgrade jQuery libraries in an SAP UI5 Application developed in Eclipse tool?

vv.pngHi Team,

During the application scan by security team we got few vulnerabilities, among which there is a vulernability realted tojavascript library( as shown in screenshot below):

1) 150162 Use of JavaScript Library with Known Vulnerability

We are unable to upgrade the library as we are not using it explicitly in our application
we also tried to upgrade the sap ui5 plugins present in the eclipse but still the issue didnt got resolved.

Kindly help us to get a way to upgrade jquery version 1.11.1 to 1.12.0.

Thanks in advance!!

Liji Johny

vv.png (71.1 kB)
Add a comment
10|10000 characters needed characters exceeded

Related questions

2 Answers

  • Best Answer
    Posted on Jul 23, 2020 at 09:53 AM

    Hi, there is a site somewhere else explaining how to do it, even not using directly you can load it before UI5 loads its version, but there is no guarantee that your app will work without issues, since SAP validates only for that version delivered on UI5, and you'll have to deal on your own if it breaks.

    If you read a bit about XSS (Cross Site Scripting) you'll find other ways to deal with it, like Content Security Policies. It'll block XSS and you don't need to worry that much about jQuery version (latest UI5 version uses 2.2.3, which is still vulnerable to XSS).

    Best regards

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Jul 24, 2020 at 09:29 AM

    Hi Thales,
    Thank you for answering!!
    Issue got resolved :)

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.