Don't reference JavaScript libraries with known vulnerabilities in client-side web part manifest

Don't load scripts from unapproved locations

Don't use component properties without escaping

Don't load JavaScript libraries with known vulnerabilities in JavaScript file

Don't reference scripts from unapproved locations

Don't reference JavaScript libraries with known vulnerabilities in project

Don't reference JavaScript libraries with known vulnerabilities in client-side extension manifest

Don't reference JavaScript libraries with known vulnerabilities in client-side web part manifest

JavaScript libraries with known vulnerabilities expose your solution to exploits and you shouldn't use them until the vulnerability has been fixed.

CheckId	SPF020703
TypeName	DontReferenceLibrariesWithVulnerabilitiesInClientSideWebPartManifest
Severity	CriticalError
Type	Web Part Manifest

Resolution

Update the affected JavaScript library to a version without vulnerabilities

Message Suppression

SharePoint Customization Analysis Framework (SPCAF), 7.15.0.0

Disclaimer: The views and opinions expressed in this documentation and in SPCAF do not necessarily reflect the opinions and recommendations of Microsoft or any member of Microsoft. SPCAF and RENCORE are registered trademarks of Rencore. All other trademarks, service marks, collective marks, copyrights, registered names, and marks used or cited by this documentation are the property of their respective owners.