The identified library jquery, version 1.12.4 is vulnerable.

1 Answer 25 Views
General Discussions
Aleksandr
Top achievements
Rank 1
Iron
Iron
Veteran
Aleksandr asked on 27 Dec 2021, 06:18 PM
owasp reports vulnerability to the jquery version you ship together with components, any plans to switch to the upper version?

1 Answer, 1 is accepted

Sort by
0
Vessy
Telerik team
answered on 28 Dec 2021, 06:57 AM

Hello Aleksandr,

Thank you for contacting us. We are aware of this report. The jQuery version that is shipped is an older version due to the better legacy support that some of our clients demand.  


However, that does not mean that you are forced to use that specific version. Kendo UI for jQuery supports the latest jQuery version and you can safely change your reference to a desired jQuery version and avoid the vulnerability described in that report.

Regards,
Vessy
Progress Telerik

Love the Telerik and Kendo UI products and believe more people should try them? Invite a fellow developer to become a Progress customer and each of you can get a $50 Amazon gift voucher.

Tags
General Discussions
Asked by
Aleksandr
Top achievements
Rank 1
Iron
Iron
Veteran
Answers by
Vessy
Telerik team
Share this question
or