Hi.
Google Chrome DevTool Audit show that jQuery library from Nicepage is outdated and have known security vulnerabilities.
Why Nicepage use jQuery v1.9.1 instead v3.4.x?
Hi.
Google Chrome DevTool Audit show that jQuery library from Nicepage is outdated and have known security vulnerabilities.
Why Nicepage use jQuery v1.9.1 instead v3.4.x?
That's a pretty good question actually, any compatibility issues with the latest version ?
Can we replace jQuery lib ourselve in the exported files ?
I, to test it, replaced it with the most recent version, overwrite the file and everything works as it was
I, to test it, replaced it with the most recent version, overwrite the file and everything works as it wasHi,
We are using the most popular version of jQuery library. It is widely used in the world now and it does not have any compatibility issues with the other libraries and their versions.
In case of using the third-party theme and Nicepage plug-in on the site, the theme's library version will be used on the site.
...................................................
Sincerely,
Hella
Nicepage Support Team
Please subscribe to our YouTube channel: http://youtube.com/nicepage?sub_confirmation=1
Follow us on Facebook: http://facebook.com/nicepageapp
If something is "widely used on the Internet" that does not mean it is a good practice to support its usage in a product like yours.
Well, it looks like you are supporting exploiting vulnerabilities on site created with Nicepage with including a vulnerable code in the production code your software creates AND without a warning to those who are not familiar with checking things like this before they publish their sites online.
How many sites are created with your vulnerable code already?
If something is "widely used on the Internet" that does not mean it is a good practice to support its usage in a product like yours. Well, it looks like you are supporting exploiting vulnerabilities on site created with Nicepage with including a vulnerable code in the production code your software creates AND without a warning to those who are not familiar with checking things like this before they publish their sites online. How many sites are created with your vulnerable code already?Hi,
As mentioned above, we're using the most popular version. It means that it is used on a large number of websites. Not Nicepage websites. If it caused persistent security problems, it would not be used so widely.
In fact, almost every site is vulnerable. Whatever version of the Jquery is used.
...................................................
Sincerely,
Olivia
Nicepage Support Team
Please subscribe to our YouTube channel: http://youtube.com/nicepage?sub_confirmation=1
Follow us on Facebook: http://facebook.com/nicepageapp
Thanks for the Information, guys!
We just got a FB Comment about it, and saying its "popular" is the biggest security risk ever. You have to ensure at least a proper implementation. We and other customers could get sued for errors like this - get your stuff together nicepage...
Hi,
We will update jQuery version in future updates.
...................................................
Sincerely,
Eugene
Nicepage Support Team
Please subscribe to our YouTube channel: http://youtube.com/nicepage?sub_confirmation=1
Follow us on Facebook: http://facebook.com/nicepageapp