Out-of-date Version (jQuery)

%3CLINGO-SUB%20id%3D%22lingo-sub-1663933%22%20slang%3D%22en-US%22%3EOut-of-date%20Version%20(jQuery)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1663933%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20this%20vulnerablity%20report%20which%20says%20i%20have%20a%20out%20of%20date%20jquery%20which%20is%26nbsp%3Bvulnerable%20to%20attacks.%3C%2FP%3E%3CP%3Ewhich%20say%20the%20jquery%20is%20under%26nbsp%3B%3CSTRONG%3Esharedhovercard.js%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E4.1%20%2F_layouts%2F15%2Fsharedhovercard.js%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Ftecomgdev.sharepoint.com%2F_layouts%2F15%2Fsharedhovercard.js%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Ftecomgdev.sharepoint.com%2F_layouts%2F15%2Fsharedhovercard.js%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Ehow%20do%20i%20upgrade%20the%20jquery%20version%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1663933%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ESharePoint%20Online%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EVulnerability%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1764573%22%20slang%3D%22en-US%22%3ERe%3A%20Out-of-date%20Version%20(jQuery)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1764573%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F792734%22%20target%3D%22_blank%22%3E%40shehran%3C%2FA%3EWe%20have%20the%20same%20vulnerability.%20The%20security%20scan%20flagged%26nbsp%3Bsharedhovercard.js%20because%20it%20found%20the%20following%20comment%20at%20the%20top%20of%20the%20file%3A%26nbsp%3B%3CBR%20%2F%3E%2F*!%20jQuery%20v1.7.2%20jquery.com%20*%2F%3CBR%20%2F%3EWe're%20wondering%20if%20Microsoft%20has%20a%20patch%20for%20this%20or%20not.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Visitor

I have this vulnerablity report which says i have a out of date jquery which is vulnerable to attacks.

which say the jquery is under sharedhovercard.js

 

4.1 /_layouts/15/sharedhovercard.js
https://tecomgdev.sharepoint.com/_layouts/15/sharedhovercard.js

 

how do i upgrade the jquery version?

2 Replies
Highlighted

@shehranWe have the same vulnerability. The security scan flagged sharedhovercard.js because it found the following comment at the top of the file: 
/*! jQuery v1.7.2 jquery.com */
We're wondering if Microsoft has a patch for this or not.

Highlighted

@shehran We have the exact same vulnerability reported to have the outdated jQuery updated to the latest version. The security scan flagged sharedhovercard.js because it found the following comment: /*! jQuery v1.7.2 jquery.com */
Could the fix for this be included in the monthly Microsoft patch?