We've recently had some pen testing carried out on the site. One identified vulnerability is to do with JQuery version that ships with H5P.
I've attached an image detailing the old JQuery versions and the path to it. The pen testers said:
"Please note that the version 1 and 2 branches of jQuery are now unsupported, and as such will no longer receive any future security updates. Consider upgrading the website to the latest stable version of jQuery."
Do you have any releases or plans to mitigate these vulnerabilities?