Includes Front-End Javascript Libraries With Known Security Vulnerabilities

Your site's security begins with HTTPS, but we also want to look out for JavaScript libraries with known vulnerabilities. Although in some cases the error isn't as significant as HTTPS, it's still something you should watch for. Below, find how to test for known security vulnerabilities.

What are JavaScript vulnerabilities?

The test is flagged when JQuery isn't deemed secure. This happens when JavaScript on your site uses JQuery to retrieve JavaScript from another domain. Hackers can use web crawlers to scan your site for these vulnerabilities, which they can then attempt to exploit them on your site.

How to test for JavaScript vulnerabilities?

Scan your site on Website Grader to check if you have secured JavaScript libraries. You may also use Lighthouse to flag the front-end JavaScript libraries with known security vulnerabilities, and see which JQuery libraries are the issue. The test checks if your libraries match any of the detected libraries on synk's Vulnerability DB list.

Website performance test results with Includes Front-End JavaScript Libraries With Known Security Vulnerabilities error
Image source: GitHub

Run a Website Test

How to fix the includes front-end JavaScript libraries with known security vulnerabilities error?

After finding the libraries that are vulnerable, you may want to remove the libraries if they don't interrupt your website's experience. You may also consider upgrading libraries to newer versions, as some outdated libraries can be less secure. If the library that you're using is no longer maintained, you may want to consider using a different library.

For HubSpot-hosted sites, you'll want to disable jQuery. You can disable jQuery by navigating to Settings > Pages > jQuery, and uncheck the "include JQuery" box. Then click Save.

Uncheck Include JQuery in HubSpot's settings

Learn how to address javascript vulnerability issues on academy.hubspot.com