DSpace 6.3 : JQuery upgrade from version 1 to 3

[Nada Aboueata]

Dear DSpace community,

We are  implementing dspace version 6.3, and noticed that it implements jquery version 1.10 which is vulnerable to XSS. 

As a permanent and long term solution, it has been recommended to upgrade dspace from version 6.3 to 6.4 as it has been addressed in version 6.4. However, we would like to get a quick solution.  

Could you please advise if there is any patch provided to upgrade jquery version from 1 to 3 in dspace 6.3, specifically for XMLUI theme (Mirage2 theme).

[Hrafn Malmquist]

Dear Nada Aboueata

The code changes needed to upgrade jQuery to 3 were extensive and can be reviewed here: https://github.com/DSpace/DSpace/pull/2918

You may want to try to create a patch. I don't know how easy that would be.

I would highly recommend you to upgrade to DSpace 7 as DSpace 6 is no longer supported.

Best regards, Hrafn

--
All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx
---
You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/CAPzkmC7xcNgfZ_Vh7RWvf1Wf4Fa665QkejemUgyK67HeN%3Dezeg%40mail.gmail.com.