JQuery Verison upgradation in Okta-Signin-Widget

Hello Team,
We are using Okta-Signin-Widget npm package for okta login page. This packe is internally using jquery version 1.12.1 which is a old version.
image

Due to this old version, Security scan report giving some critical risks (Critical/High Vulnerabilities)

  1. This vulnerability can be exploited with ease and network access to the system by an attacker who does not have access to credentials with full loss of confidentiality, full impact to the integrity of information and serious issues in rendering the system or information availability. There are currently no exploits in the public domain. However, attacks may be well described or privately held.
  2. This product has reached or will reach its end-of-life and will be no longer supported by the vendor.

Is there any possibility to upgrade the Jquery version using in the okta-signin-widget package or else upgrade the jquery version in okta-signin-widget package in the latest version.

Hi @RavichandarJ

Our engineering team is aware of the old jQuery version implemented in the sign-in widget. The library will be updated in the following version of sign-in widget (v.3). Unfortunately, there is no exact date of it’s release, however you can follow the updates here.