I am currently implementing Kendo UI for ASP.Net MVC.
My application has detected a vulnerability with the latest version of JQuery so there is no version to move to to resolve this vulnerability.
As Kendo comes with JQuery in the package is there work on-going to work with the JQuery community to fix this issue?
Hi, Paul,
There are currently no plans for modifying the scripts as all of the warnings that vulnerability tools report are false positives. Due to the nature of certain functionalities, we have to execute certain operations that are interpreted as a vulnerability, like modifying the URL. However, this is not an actual vulnerability as the values used in the URL are generated by us.