The vulnerability of the jQuery library lies in its lack of protection for website structures, allowing attackers to execute cross-site scripting attacks.

🗓️ 13 Nov 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

The jQuery vulnerability exposes web structure and enables cross-site scripting via options element.

Reporter	Title	Published	Views	Family All 47
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache Ant affect IBM Operations Analytics - Log Analysis (CVE-2020-11023, CVE-2020-23064, CVE-2020-11022)	6 Sep 202408:33	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in jQuery, Moment, Jackson-mapper-asl and Red Hat JBoss Enterprise Application Platform might affect IBM Storage Defender Copy Data Management.	16 May 202519:26	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in Python may affect IBM Robotic Process Automation for Cloud Pak and result in an attacker sending invalid emails. (CVE-2023-27043).	23 Nov 202321:30	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Decision Optimization for Cloud Pak for Data is vulnerable to a remote attacker (CVE-2019-11358)	20 Jun 202408:46	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in jquery may affect IBM Robotic Process Automation for Cloud Pak and result in an attacker obtaining sensitive information. (CVE-2020-23064)	1 Nov 202322:16	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities fixed in IBM Security Verify Governance - Containerized Identity Manager	3 Feb 202522:50	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data	2 Aug 202515:58	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities which can affect IBM Storage Scale are now fixed.	9 Dec 202418:18	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache Ant and Apache Derby affect IBM Operations Analytics - Log Analysis (CVE-2019-11358, CVE-2020-23064, CVE-2020-11023, CVE-2020-11022)	21 Aug 202511:26	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Engineering Lifecycle Optimization - Publishing (PUB) jQuery Vulnerability	15 Feb 202408:18	–	ibm

Vulners

Node

red_hat red_hat_storageMatch3

OR

red_hat openshift_container_platformMatch4

OR

red_hat red_hat_satelliteMatch6

OR

jquery jqueryRange2.2.0–3.5.0

OR

red_hat red_hat_enterprise_linuxMatch8

Source	Link
blog	www.blog.jquery.com/2020/04/10/jquery-3-5-0-released/
security	www.security.netapp.com/advisory/ntap-20230725-0003/
snyk	www.snyk.io/vuln/SNYK-JS-JQUERY-565129
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2023100512
web	www.web.nvd.nist.gov/view/vuln/detail

13 Nov 2023 00:00Current

6.6Medium risk

Vulners AI Score6.6

CVSS 36.1

CVSS 26.4

jQuery library cross site scripting web structure options element