owasp reports vulnerability to the jquery version you ship together with components, any plans to switch to the upper version?
1 Answer, 1 is accepted
0
Vessy
Telerik team
answered on 28 Dec 2021, 06:57 AM
Hello Aleksandr,
Thank you for contacting us. We are aware of this report. The jQuery version that is shipped is an older version due to the better legacy support that some of our clients demand.
However, that does not mean that you are forced to use that specific version. Kendo UI for jQuery supports the latest jQuery version and you can safely change your reference to a desired jQuery version and avoid the vulnerability described in that report.