We have been trying to get a site up using opencart and are now trying to get our site as secure as possible. Whilst running checks it has been noted that we need to fix some javascript vulnerabilities and also make cookies secure. In regards to the libraries that have vulnerabilities we have noted the ones below that
- Bootstrap on 3.3.5 needs upgrading to 3.4.0 minimum
- jQuery on 2.1.1 needs upgrading to 3.4.0 minimum
- Lodash on 4.17.11 needs upgrading to 4.17.12 minimum
Is anyone able to help as this has been causing us some problems and otherwise we love Opencart compared to some of the other ones we have tried in the past.
We also have to update our Content Security Policy but this should not cause this issue as far as we are aware.
Thanks