Research: 37% of Websites Use Vulnerable JavaScript Libraries

By HTMLGoodies Staff

A group of researchers from Northeastern University has published a new study of 133,000 websites which found that 37 percent used at least one JavaScript library with a known security vulnerability. According to the analysis, "36.7 percent of jQuery, 40.1 percent of Angular, 86.6 percent of Handlebars, and 87.3 percent of YUI inclusions use a vulnerable version." Not surprisingly, less-popular websites (those not on the Alexa top 100) were more likely to have vulnerabilities.

The report concludes, "Perhaps our most sobering finding is practical evidence that the JavaScript library ecosystem is complex, unorganized, and quite 'ad hoc' with respect to security."

View article

  • Web Development Newsletter Signup

    Invalid email
    You have successfuly registered to our newsletter.
Thanks for your registration, follow us on our social networks to keep up-to-date