Expand my Community achievements bar.

JQuery 1.12.4-aem Flagged in Vulnerability Scan

Avatar

Level 1

Hello All, 

 

Our author environment (6.5.9) is being flagged for the outdated version of JQuery (1.12.4-aem) in vulnerability scans. I understand that this is an Adobe-modified version and not the default 1.12.4 that has reached it's EOL.

Would like to know what measures were done to mitigate security issues? What were the security issues addressed? 

Is there any documentation where we can find this info?

 

Thank you!

 

 

 

 

 

 

 

2 Replies

Avatar

Level 1

Hi @Bhuwan_B , thanks! This post refers to the published site's referenced JQuery. For our case, we are being flagged for the version being used internally by the author instance (i.e. the version when on the AEM sign in page).

 

nadeens_0-1645060283911.png

 

The comments in the jQuery v1.12.4-aem source code show some comments of vulnerabilities addressed. Is there any official documentation where we can find the same info? 

 

Thank you!