A client's security audit software has identified the version of jQuery included with VIVO (1.12.4) as a security vulnerability of 'medium' severity.
jQuery v 1.12.4 was released in May 2016. The v1 line hasn't been updated since then. I don't have any details on what the potential issues are with using the library, but it seems prudent to update to a modern version if we plan to keep using the library.
chenejac
commented
3 years ago
Benjamin Gross (Migrated from VIVO-1942) said:
A client's security audit software has identified the version of jQuery included with VIVO (1.12.4) as a security vulnerability of 'medium' severity.
jQuery v 1.12.4 was released in May 2016. The v1 line hasn't been updated since then. I don't have any details on what the potential issues are with using the library, but it seems prudent to update to a modern version if we plan to keep using the library.