Ask Questions and Find Answers
Important:
Ask is now read-only. You can review any existing questions and answers, but not add anything new.
But - don't panic! While ask is no more, we've replaced it with discuss - the new Liferay Discussion Forum! Read more here here or just visit the site here:
discuss.liferay.com
Liferay 7.3.0GA flag out by security scan for JQuery & Lodash package
Hi,
We are using Liferay 7.3.0GA. A recent security has flagged out 2 libraries used by Liferay. May I know what is the next possible Liferay version to upgrade to? Or any possible way to upgrade this 2 libraries without changing liferay version?
We hope to upgrade jQuery version 3.3.1 to 3.5.0 and Lodash version 3.10.1 to 4.17.21
JQuery seems to be used by Liferay Login thus cannot be changed.
/auth/resources/7.3.0.ga/login/admin/js/jquery.min.js
Lodash seems to be used for theme by default thus cannot be changed.
/o/frontend-js-web/everything.jsp?browserId=other&themeId=site_WAR_sitetheme&colorSchemeId=01&minifierType=js&minifierBundleId=javascript.everything.files&languageId=en_US&b=7006&t=1654137426213
Thanks
Powered by Liferay™