Upgrade Jquery and Jquery UI on 1.7.6.9

[hugolin69]

Hi,

I saw there is several CVE related to Jquery 2.2.4 And Jquery UI 1.10.2

Jquery 2.2.4 : CVE-2020-11023, CVE-2020-11022, CVE-2019-11358, CVE-2015-9251

Jquery UI 1.10.2 :CVE-2020-28488, CVE-2021-41184, CVE-2021-41183, CVE-2021-41182, CVE-2016-7103

 

Do I really need to work on this ? 

I can not plan to upgrade to Prestashop 1.7.8.10 and there is no patch I can update manually it seems.

What do you think ?

[hugolin69]

Thank you for your response.

I saw that the vulnerability was medium and the risk was a ddos attack. Even if it is medium, I would like to patch it without updating the whole Prestashop and I am surprised that nobody already worked on this.

[raza56]

To upgrade jQuery and jQuery UI in your web project from version 1.7.6.9 to newer versions, you'll need to follow these general steps:

Backup Your Project: Before making any changes, it's essential to create a backup of your project to ensure that you can revert to the previous state if anything goes wrong.

Check Dependencies: Make sure to review your project's code and any third-party libraries or plugins that rely on jQuery and jQuery UI. Some plugins may have compatibility issues with newer versions, so you may need to update them as well.

[hugolin69]

Thank you for your response, I see the principe of upgrading, I was just wondering if there was a procedure for PRestashop, as the core.js file of the version near still are under 3.5 and the version upper are totally differents.

 

Thank you for the help.

[hugolin69]

Yes, I know, but it is just impossible to upgrade Prestashop easily without broking everything.