Vulnerability in jquery

Hello everyone.
Within the financial application that we are doing, some security tests are being made and a vulnerability was detected in the jquery library v1.12.4 used by vaadin. Is there any direct way to update this library to pass the tests?

Vulnerability information


Best regards,

Nelson F.


First of all, you need to add a new dependency for the Web Module of your application with a new version of the jQuery library, for example:

configure(webModule) {
    dependencies {
        compile 'org.webjars:jquery:3.2.1'

Then you need to specify a new path to the jQuery library which is used in a project as WebJar. To do so, define the cuba.web.webjars.jqueryPath property in the file, for example:

cuba.web.webjars.jqueryPath = jquery/3.2.1/jquery.min.js

Pay attention that the FileUploadField uses the jQuery UI and jQuery FileUpload libraries, so make sure that a new version of jQuery is compatible with them.



Thx @gorelov, we will do tests again.