Upgrade jQuery to 3.x
tqnguyen9 opened this issue · 0 comments
tqnguyen9 commented
Exhibitor currently ships with jQuery 1.7.1.
At the time of writing, jQuery 1.7.1 has several vulnerabilities. These are ones I found, but there may be more.
https://nvd.nist.gov/vuln/detail/CVE-2015-9251
https://nvd.nist.gov/vuln/detail/CVE-2019-11358
Upgrading jQuery to the latest version (3.4.1 at the time of writing) would eliminate the threat of vulnerabilities from customers.