You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi,
When using one of the tools for SAST (Static Application Security Testing), I found out about one issue in your package hierarchical dependency listed above.
└── [email protected]
└── [email protected] (Though it is not directly dependent on the scriptjs package, the scriptjs package uses jQuery 1.5.2 in it.). at above path \node_modules\scriptjs\vendor\jquery.js
Hi,
When using one of the tools for SAST (Static Application Security Testing), I found out about one issue in your package hierarchical dependency listed above.
└── [email protected]
└── [email protected] (Though it is not directly dependent on the scriptjs package, the scriptjs package uses jQuery 1.5.2 in it.). at above path \node_modules\scriptjs\vendor\jquery.js
Error:
jQuery 1.5.2 has known vulnerabilities: severity: medium; summary: XSS with location.hash, CVE: GHSA-579v-mp3v-rrw5, githubID: GHSA-579v-mp3v-rrw5; http://research.insecurelabs.org/jquery/test/
Recommendation
Upgrade to version 1.9.0 or later.
As the tool suggests, the JQuery 1.5.2 version has some security vulnerabilities, so upgrading this package to the latest would help.
#110 Please check this one for more reference.
The text was updated successfully, but these errors were encountered: