on 07-23-2020 10:16 AM
vv.pngHi Team,
During the application scan by security team we got few vulnerabilities, among which there is a vulernability realted tojavascript library( as shown in screenshot below):
1) 150162 Use of JavaScript Library with Known Vulnerability
We are unable to upgrade the library as we are not using it explicitly in our application
we also tried to upgrade the sap ui5 plugins present in the eclipse but still the issue didnt got resolved.
Kindly help us to get a way to upgrade jquery version 1.11.1 to 1.12.0.
Thanks in advance!!
Regards,
Liji Johny
Hi, there is a site somewhere else explaining how to do it, even not using directly you can load it before UI5 loads its version, but there is no guarantee that your app will work without issues, since SAP validates only for that version delivered on UI5, and you'll have to deal on your own if it breaks.
If you read a bit about XSS (Cross Site Scripting) you'll find other ways to deal with it, like Content Security Policies. It'll block XSS and you don't need to worry that much about jQuery version (latest UI5 version uses 2.2.3, which is still vulnerable to XSS).
Best regards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Thales,
Thank you for answering!!
Issue got resolved 🙂
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
74 | |
9 | |
7 | |
7 | |
6 | |
6 | |
6 | |
6 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.