In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery’s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | edge-community | noarch | cacti | < 1.2.13-r0 | UNKNOWN |
Alpine | edge-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |
Alpine | 3.11-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |
Alpine | 3.12-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |
Alpine | 3.13-community | noarch | cacti | < 1.2.13-r0 | UNKNOWN |
Alpine | 3.13-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |
Alpine | 3.14-community | noarch | cacti | < 1.2.13-r0 | UNKNOWN |
Alpine | 3.14-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |
Alpine | 3.15-community | noarch | cacti | < 1.2.13-r0 | UNKNOWN |
Alpine | 3.15-community | noarch | drupal7 | < 7.70-r0 | UNKNOWN |