Topic: JQuery version has known security vulnerability
I was checking a page with a gallery in it with Lighthouse and it comes up with an error:
"Includes front-end JavaScript libraries with known security vulnerabilities"
Library Version Vulnerability Count Highest Severity
jQuery@1.7.0 1 Medium
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Googles Advice: “Stop using each of the libraries that Lighthouse flags. If the library has released a newer version that fixes the vulnerability, upgrade to that version, or consider using a different library.”
It appears that you have JQuery built into the JS file. Is there a way to fix this issue? Google surely doesn't want to serve sites with security issues.
Thanks.