CVE-2012-6708

🗓️ 18 Jan 2018 23:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 981 Views🌐 WEB

jQuery before 1.9.0 XSS Vulnerabilit

Reporter	Title	Published	Views	Family All 93
IBM Security Bulletins	Security Bulletin: Vulnerabilities Addressed in IBM Tivoli Network Manager IP Edition (ITNM) version 4.2 Fix Pack 20 (4.2.0.20)	11 Nov 202411:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM CICS TX Advanced is vulnerable to multiple vulnerabilities in jQuery.	14 Feb 202321:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM WebSphere eXtreme Scale Liberty Deployment.	21 Mar 202318:07	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	30 Mar 202620:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in JQuery, Node.js and Swagger UI	17 May 202319:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	4 May 202117:43	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities in Dojo and jQuery might affect IBM Business Automation Workflow and IBM Business Process Manager (BPM)	14 Sep 202215:28	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities exists in IBM Netezza Analytics - NPS	11 Jul 202511:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in JQuery Java Script Library Affects IBM Watson Machine Learning Accelerator on Cloud Pak for Data	6 Dec 202316:27	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in Swagger UI affect IBM Business Automation Workflow and IBM Business Process Manager (BPM)	14 Sep 202215:28	–	ibm

NVD

Node

jquery jqueryRange<1.9.0

Source	Link
securityfocus	www.securityfocus.com/bid/102792
bugs	www.bugs.jquery.com/ticket/11290
lists	www.lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
lists	www.lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
packetstormsecurity	www.packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html
help	www.help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
snyk	www.snyk.io/vuln/npm:jquery:20120206
github	www.github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d
lists	www.lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html
lists	www.lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

Parameter	Position	Path	Description	CWE
Email Address	nested	/	XSS via vulnerable login form input (email field) on the affected router login page (uses jQuery strInput handling).	CWE-79

21 Nov 2024 01:46Current

5.8Medium risk

Vulners AI Score5.8

CVSS 24.3

CVSS 36.1

EPSS0.00902

jquery cross-site scripting xss security vulnerability nvd