jquery package is vulnerable to Prototype Pollution. The
jQuery.fn.extend functions defined in many files allow an untrusted object to extend
NOTE: This vulnerability has been assigned CVE-2019-11358.
Advisory Deviation Notice: The Sonatype security research team discovered that the CVSS score of the vulnerability is 9.8, not 6.1 as the advisory states.
The application is vulnerable by using this component.
We recommend upgrading to a version of this component that is not vulnerable to this specific issue.