digitalfabrik/lunes-cms

Remove vulnerable jQuery from repository

timobrembeck opened this issue · 0 comments

Describe the Bug

At the moment, we ship a vulnerable version of jQuery within the repo:
https://github.com/digitalfabrik/lunes-cms/blob/develop/lunes_cms/static/js/jquery.min.js

Expected Behavior

Either use the jQuery version that is shipped with Django admin, or use the packaged version from npm to avoid having a static version of jQuery in the static files.

Actual Behavior

A vulnerable version of the jQuery library is contained in the static files.