jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OSVersionArchitecturePackageVersionFilename
Debian10alljquery< 3.1.1-1jquery_3.1.1-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	10	all	jquery	< 3.1.1-1	jquery_3.1.1-1_all.deb

ubuntucve 1

openvas 4

ibm 41

f5 1

ics 3

osv 5

nessus 36

freebsd 2

cloudfoundry 1

attackerkb 1

prion 1

github 1

alpinelinux 1

cve 2

hackerone 1

atlassian 3

laminas 2

redhat 10

fortinet 1

archlinux 2

suse 1

amazon 2

thn 1

oraclelinux 3

rocky 2

centos 1

almalinux 2

oracle 9

ubuntucve

CVE-2015-9251

2018-01-18 00:00:00

openvas

jQuery < 3.0.0 XSS Vulnerability

2018-11-01 00:00:00

Tenable Nessus Network Monitor < 5.11.0 Multiple Vulnerabilities (TNS-2019-08)

2022-12-20 00:00:00

openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:0395-1)

2020-03-29 00:00:00

ibm

Security Bulletin: A Security Vulnerability affects IBM® Cloud Private (CVE-2015-9251)

2018-11-19 15:40:01

Security Bulletin: IBM API Connect V5 is vulnerable to cross-site scripting in jQuery (CVE-2015-9251)

2021-01-04 22:53:16

Security Bulletin: IBM Tivoli Netcool Impact is affected by a jQuery vulnerability (CVE-2015-9251)

2019-12-20 08:47:33

K29562170 : jQuery vulnerability CVE-2015-9251

2020-02-19 00:00:00

ics

AVEVA InTouch Access Anywhere

2018-07-31 12:00:00

Philips Vue PACS (Update C)

2023-02-21 12:00:00

Pepperl+Fuchs WirelessHART-Gateway

2022-04-07 12:00:00

osv

CVE-2015-9251

2018-01-18 23:29:00

Cross-Site Scripting (XSS) in jquery

2018-01-22 13:32:06

Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update

2020-11-03 12:25:36

nessus

JQuery < 3.0.0 XSS

2019-05-15 00:00:00

FreeBSD : rt -- XSS via jQuery (416ca0f4-3fe0-11e9-bbdd-6805ca0b3d42)

2019-03-07 00:00:00

FreeBSD : RDoc -- multiple jQuery vulnerabilities (ed8d5535-ca78-11e9-980b-999ff59c22ea)

2019-08-30 00:00:00

freebsd

rt -- XSS via jQuery

2019-03-05 00:00:00

RDoc -- multiple jQuery vulnerabilities

2019-08-28 00:00:00

cloudfoundry

CVE-2015-9251: UAA contains vulnerable jQuery version | Cloud Foundry

2019-07-08 00:00:00

attackerkb

CVE-2015-9251

2018-01-18 00:00:00

prion

Cross site scripting

2018-01-18 23:29:00

github

Cross-Site Scripting (XSS) in jquery

2018-01-22 13:32:06

alpinelinux

CVE-2015-9251

2018-01-18 23:29:00

cve

CVE-2015-9251

2018-01-18 23:29:00

CVE-2017-16012

2018-06-04 19:29:00

hackerone

Ruby: Ruby is shipping a vulnerable jQuery

2019-03-30 14:10:34

atlassian

Jira uses vulnerable jQuery version CVE-2015-9251

2020-04-20 13:29:57

The jQuery version used in JIRA needs to be updated

2015-05-18 09:31:54

Update jQuery to avoid CVE-2020-11022, CVE-2020-11023, and CVE-2015-9251

2021-02-16 18:28:38

laminas

XSS and RCE vectors in laminas-api-tools/api-tools-documentation-swagger

2020-04-01 21:30:00

XSS vectors in laminas-api-tools/api-tools

2020-04-01 21:30:00

redhat

(RHSA-2020:0481) Important: Red Hat JBoss Fuse/A-MQ 6.3 R15 security and bug fix update

2020-02-12 15:24:44

(RHSA-2020:0729) Important: Red Hat Data Grid 7.3.5 security update

2020-03-05 13:05:49

(RHSA-2020:4670) Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update

2020-11-03 12:25:36

fortinet

Protect

2019-04-10 00:00:00

archlinux

[ASA-201910-4] ruby-rdoc: cross-site scripting

2019-10-02 00:00:00

[ASA-201910-5] ruby2.5: multiple issues

2019-10-02 00:00:00

suse

2020-03-28 00:00:00

amazon

Important: ruby24

2020-08-26 23:09:00

Medium: ipa

2020-10-22 17:40:00

thn

Critical Flaws Reported in Philips Vue PACS Medical Imaging Systems

2021-07-09 07:00:00

oraclelinux

idm:DL1 and idm:client security, bug fix, and enhancement update

2020-11-10 00:00:00

ipa security, bug fix, and enhancement update

2020-10-06 00:00:00

pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update

2020-11-10 00:00:00

rocky

idm:DL1 and idm:client security, bug fix, and enhancement update

2020-11-03 12:25:36

pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update

2020-11-03 12:29:58

centos

ipa, python2 security update

2020-10-20 18:15:27

almalinux

Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update

2020-11-03 12:25:36

Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update

2020-11-03 12:29:58

oracle

Oracle Critical Patch Update Advisory - October 2019

2020-01-22 00:00:00

Oracle Critical Patch Update Advisory - January 2019

2019-01-15 00:00:00

Oracle Critical Patch Update Advisory - April 2019

2019-04-16 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

79.4%

JSON

Related for DEBIANCVE:CVE-2015-9251