
IT just sent us the latest vulnerability report. Two dependencies need updating.

Open • childers opened this issue 11 months ago • 1 comment

Hi all,

Our security team just flagged us for having outdated jQuery and Bootstrap.js. Specifically, here are two excerpts from the vulnerability report. There were a few different hits returned for jQuery.

Bootstrap: According to its self-reported version number, Bootstrap is 3.x prior to 3.4.1 or 4.x prior to 4.3.1. Therefore, it may be affected by a Cross-Site Scripting (XSS) vulnerability via data-template attribute for tooltip and popover plugins.

jQuery: According to its self-reported version number, jQuery is at least 1.2.0 and prior to 3.5.0. Therefore, it may be affected by a cross-site scripting vulnerability via the regex operation in jQuery.htmlPrefilter.

childers, Jul 28 '23 21:07
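
The version ranges quoted in the report can be checked against the banner comment each bundled file carries. This is an added example, not part of the original post or the project's code. The function names and the sample banners are constructed, and it assumes the files keep their upstream banner comment.

```javascript
// Added example: flag self-reported jQuery / Bootstrap versions that fall in
// the ranges quoted in the report. All names here are hypothetical.

// Affected ranges as stated in the report: [min inclusive, max exclusive].
const AFFECTED = {
  bootstrap: [["3.0.0", "3.4.1"], ["4.0.0", "4.3.1"]],
  jquery: [["1.2.0", "3.5.0"]],
};

// Compare dotted numeric versions; returns -1, 0 or 1.
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Read library name and version from the banner near the top of a file.
// Assumption: the banner looks like "jQuery v3.4.1", "jQuery JavaScript
// Library v3.4.1" or "Bootstrap v3.3.7".
function parseBanner(source) {
  const re = /(jQuery|Bootstrap)(?: JavaScript Library)? v(\d+(?:\.\d+){1,2})/i;
  const m = re.exec(source.slice(0, 512));
  return m ? { library: m[1].toLowerCase(), version: m[2] } : null;
}

// affected === null means no banner was found, so the file needs manual review.
function checkFile(source) {
  const info = parseBanner(source);
  if (!info) return { library: null, version: null, affected: null };
  const affected = AFFECTED[info.library].some(
    ([min, max]) =>
      compareVersions(info.version, min) >= 0 &&
      compareVersions(info.version, max) < 0
  );
  return { ...info, affected };
}

// Constructed sample banners, not taken from the project.
const SAMPLES = [
  "/*! jQuery v3.4.1 | (c) JS Foundation and other contributors */",
  "/*!\n * Bootstrap v3.3.7 (http://getbootstrap.com)\n */",
  "/*!\n  * Bootstrap v4.3.1 (https://getbootstrap.com/)\n  */",
  "/*! jQuery v3.5.0 | (c) JS Foundation and other contributors */",
  "(function(){})();",
];
for (const s of SAMPLES) console.log(checkFile(s));
```

A file with its banner stripped returns `affected: null`, which is why a scanner relying on the self-reported version says "may be affected" rather than confirming it.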