Magento 1.9.4.1 - SUPEE-10975 - Failed. Outdated JQuery library v.1.12.0 found

Question

I have upgrade version and during Magento security scan I got this error. I have removed old Jquery and added v.1.12.1

I replaced it in all page.xml. When I tried to check Jquery version of my store by running this from the console of browser

console.log(jQuery.fn.jquery);

I am getting result 1.12.0

I have scanned all file and not able to find 12.1.0 not sure from where scan getting it.

Answer 1

I have found jQuery versions hidden in the following places while updating our client's sites.

1. Codebase (phtml/xml files)
2. Backend Config HEAD/Footer html areas
3. CMS Blocks
4. Modules / JS Libraries loading their own version of jQuery
5. Being dynamically injection after the sites loaded via javascript somewhere

First thing would be to check if its within the backend header/footer script inputs in system config

Then if that failed I would, if possible, disable merged javascript as it will allow us to identify where it's coming from better.

Then using dev tools search function within the drawer, search for strings related to your jQuery instance (usually version number works), eg 1.12.0 or jQuery:

You should be able to identify now the filename/path that the jQuery is loading from and whether it's embedded within a JS library or packaged with a module.

If you can't manually find where it's being injection from with the filename and path. You can try searching all the files in your Magento install with grep, replacing the jQuery string with the js file that jQuery is contained in or even just the jQuery version number could work

• If server SSH into it
• grep -rl "jQuery.1.12.0.min.js" /path/to/magento/install

If you still can't find it within the files, you could try to check CMS static blocks/pages with SQL

SELECT * FROM cms_block WHERE content LIKE '%jQuery.1.12.0.min.js%';

SELECT * FROM cms_page WHERE content LIKE '%jQuery.1.12.0.min.js%';