Skip to main content

Fix example direct vulnerability for Bower

When your configuration file specifically references a library, Veracode SCA refers to the library as a direct dependency.

These example steps provide a fix for a Cross-site Scripting (XSS) Through link-to Title Attribute vulnerability in Ember, version 1.2.0 in example-javascript-bower repository.

To complete this task:

  1. Add this line to the bower.json file in the root of the project:

    "ember": "1.2.2"
  2. Run this command to install Ember version 1.2.2:

    bower update ember
  3. Validate the fix.