Lucene search
Alpine Linux Development TeamALPINE:CVE-2020-11023HistoryApr 29, 2020 - 9:15 p.m.
CVE-2020-11023
2020-04-2921:15:00
Alpine Linux Development Team
security.alpinelinux.org
55
0.019 Low
EPSS
Percentile
88.5%
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery’s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | cacti | < 1.2.13-r0 | UNKNOWN |
| Alpine | edge-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |
| Alpine | 3.11-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |
| Alpine | 3.12-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |
| Alpine | 3.13-community | noarch | cacti | < 1.2.13-r0 | UNKNOWN |
| Alpine | 3.13-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |
| Alpine | 3.14-community | noarch | cacti | < 1.2.13-r0 | UNKNOWN |
| Alpine | 3.14-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |
| Alpine | 3.15-community | noarch | cacti | < 1.2.13-r0 | UNKNOWN |
| Alpine | 3.15-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |
Related
nessus
nessus
Oracle Linux 7 : ipa (ELSA-2021-0860)
2021-03-19 00:00:00
RHEL 7 : ipa (RHSA-2021:0860)
2021-03-17 00:00:00
CentOS 8 : idm:DL1 and idm:client (CESA-2021:1846)
2021-05-19 00:00:00
github
github
Potential XSS vulnerability in jQuery
2020-04-29 22:19:14
Persistent Cross-site Scripting vulnerability in PrivateBin
2022-04-12 20:45:22
cve
cve
CVE-2020-11023
2020-04-29 21:15:00
CVE-2020-23064
2023-06-26 19:15:09
packetstorm
packetstorm
jQuery 1.0.3 Cross Site Scripting
2021-04-14 00:00:00
amazon
amazon
Medium: ipa
2021-04-20 17:55:00
redhat
redhat
(RHSA-2021:0860) Moderate: ipa security and bug fix update
2021-03-16 10:27:14
(RHSA-2021:1846) Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
2021-05-18 06:14:07
(RHSA-2020:5412) Moderate: python-XStatic-jQuery224 security update
2020-12-15 17:29:55
zdt
zdt
jQuery 1.0.3 - Cross-Site Scripting Vulnerability
2021-04-14 00:00:00
osv
osv
CVE-2020-11023
2020-04-29 21:15:11
Potential XSS vulnerability in jQuery
2020-04-29 22:19:14
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
2021-05-18 06:14:07
ubuntucve
ubuntucve
CVE-2020-11023
2020-04-29 00:00:00
CVE-2020-23064
2023-06-26 00:00:00
cvelist
cvelist
CVE-2020-11023 Potential XSS vulnerability in jQuery
2020-04-29 00:00:00
almalinux
almalinux
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
2021-05-18 06:14:07
Low: pcs security, bug fix, and enhancement update
2021-11-09 08:21:49
ics
ics
Sensormatic Electronics VideoEdge
2021-11-02 12:00:00
oraclelinux
oraclelinux
bootstrap security update
2021-08-09 00:00:00
ipa security and bug fix update
2021-03-19 00:00:00
idm:DL1 and idm:client security, bug fix, and enhancement update
2021-05-25 00:00:00
debiancve
debiancve
CVE-2020-11023
2020-04-29 21:15:00
CVE-2020-23064
2023-06-26 19:15:09
redhatcve
redhatcve
CVE-2020-11023
2021-06-20 07:11:02
ibm
ibm
openvas
openvas
jQuery 1.0.3 < 3.5.0 XSS Vulnerability
2020-05-05 00:00:00
openSUSE: Security Advisory for otrs (openSUSE-SU-2020:1888-1)
2020-11-10 00:00:00
Debian: Security Advisory (DLA-2608-1)
2021-03-26 00:00:00
prion
prion
Code injection
2020-04-29 21:15:00
f5
f5
K66544153 : jQuery vulnerability CVE-2020-11023
2020-08-03 00:00:00
rocky
rocky
idm:DL1 and idm:client security, bug fix, and enhancement update
2021-05-18 06:14:07
pcs security, bug fix, and enhancement update
2021-11-09 08:21:49
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-30 02:21:22
exploitdb
exploitdb
jQuery 1.0.3 - Cross-Site Scripting (XSS)
2021-04-14 00:00:00
suse
suse
Security update for otrs (moderate)
2020-11-10 00:00:00
Security update for cacti, cacti-spine (moderate)
2020-07-25 00:00:00
Security update for cacti, cacti-spine (moderate)
2020-07-28 00:00:00
attackerkb
attackerkb
CVE-2020-11022
2020-04-29 00:00:00
CVE-2020-11023
2020-04-29 00:00:00
hp
hp
Certain HP Printers and MFP products - Cross-Site Scripting (XSS)
2020-09-17 00:00:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in Jquery
2021-10-16 01:10:33
Exploit for Cross-site Scripting in Jquery
2020-04-14 19:12:01
checkpoint_advisories
checkpoint_advisories
jQuery Cross Site Scripting (CVE-2020-11022; CVE-2020-11023)
2020-11-16 00:00:00
atlassian
atlassian
jquery 2.2.4 XSS vulnerability
2022-08-24 14:53:45
Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023
2021-02-02 09:59:24
Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023
2021-02-02 09:59:24
debian
debian
[SECURITY] [DLA 2608-1] jquery security update
2021-03-26 01:32:42
[SECURITY] [DSA 4693-1] drupal7 security update
2020-05-26 21:08:21
fedora
fedora
[SECURITY] Fedora 32 Update: drupal8-8.9.0-1.fc32
2020-06-16 01:32:24
[SECURITY] Fedora 33 Update: drupal7-7.72-1.fc33
2020-09-25 17:15:48
[SECURITY] Fedora 32 Update: cacti-1.2.13-1.fc32
2020-07-23 01:06:59
joomla
joomla
[20200604] - Core - XSS in jQuery.htmlPrefilter
2020-04-10 00:00:00
drupal
drupal
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002
2020-05-20 00:00:00
typo3
typo3
Cross-Site Scripting in extension "Kitodo.Presentation" (dlf)
2020-07-29 00:00:00
gentoo
gentoo
Cacti: Multiple vulnerabilities
2020-07-26 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package phpipam version 1.42.027-alt1
2020-10-21 00:00:00
freebsd
freebsd
Cacti -- multiple vulnerabilities
2020-07-15 00:00:00
adobe
adobe
APSB19-38 Security update available for Adobe Experience Manager
2019-07-09 00:00:00