Skip to main content

Fix example direct vulnerability for Bower

When your configuration file specifically references a library, Veracode SCA refers to the library as a direct dependency.

These example steps provide a fix for a Cross-site Scripting (XSS) Through link-to Title Attribute vulnerability in Ember, version 1.2.0 in example-javascript-bower repository.

To complete this task:

Add this line to the bower.json file in the root of the project:
```
"ember": "1.2.2"
```
Run this command to install Ember version 1.2.2:
```
bower update ember
```
Validate the fix.

Did you find this helpful?