We are using Okta-Signin-Widget npm package for okta login page. This packe is internally using jquery version 1.12.1 which is a old version.
Due to this old version, Security scan report giving some critical risks (Critical/High Vulnerabilities)
- This vulnerability can be exploited with ease and network access to the system by an attacker who does not have access to credentials with full loss of confidentiality, full impact to the integrity of information and serious issues in rendering the system or information availability. There are currently no exploits in the public domain. However, attacks may be well described or privately held.
- This product has reached or will reach its end-of-life and will be no longer supported by the vendor.
Is there any possibility to upgrade the Jquery version using in the okta-signin-widget package or else upgrade the jquery version in okta-signin-widget package in the latest version.