Lucene search

K

JQuery 1.2 < 3.5.0 Multiple XSS

The remote web server is affected by multiple cross site scripting vulnerabilities due to jQuery version greater than or equal to 1.2 and prior to 3.5.0. Upgrading to jQuery version 3.5.0 or later is the solution

Show more
Related
Refs
Code
#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(136929);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/01/24");

  script_cve_id("CVE-2020-11022", "CVE-2020-11023");
  script_xref(name:"IAVB", value:"2020-B-0030");
  script_xref(name:"CEA-ID", value:"CEA-2021-0004");
  script_xref(name:"CEA-ID", value:"CEA-2021-0025");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2025/02/13");

  script_name(english:"JQuery 1.2 < 3.5.0 Multiple XSS");

  script_set_attribute(attribute:"synopsis", value:
"The remote web server is affected by multiple cross site scripting
vulnerability.");
  script_set_attribute(attribute:"description", value:
"According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater
than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.

Note, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios 
required for successful exploitation do not exist on devices running a PAN-OS release.");
  script_set_attribute(attribute:"see_also", value:"https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/");
  script_set_attribute(attribute:"see_also", value:"https://security.paloaltonetworks.com/PAN-SA-2020-0007");
  script_set_attribute(attribute:"solution", value:
"Upgrade to JQuery version 3.5.0 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-11023");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/04/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/04/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/28");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:jquery:jquery");
  script_set_attribute(attribute:"stig_severity", value:"II");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses : XSS");

  script_copyright(english:"This script is Copyright (C) 2020-2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("jquery_detect.nasl", "palo_alto_version.nbin", "cisco_wlc_version.nasl", "cisco_apic_version.nbin");
  script_require_keys("installed_sw/jquery");
  script_exclude_keys("Host/Palo_Alto/Firewall/Version", "Host/Cisco/WLC/Version");
  script_require_ports("Services/www", 80);

  exit(0);
}

include('http.inc');
include('vcf.inc');

if (get_kb_item('Host/Palo_Alto/Firewall/Version'))
  exit(0, 'The remote host is PAN-OS, and therefore not affected.');

if (get_kb_item('Host/Cisco/WLC/Version'))
  exit(0, 'The remote host is a Cisco WLC, and therefore not affected.');

var appname = 'jquery';
get_install_count(app_name:appname, exit_if_zero:TRUE);
var jport = get_http_port(default:8081);

if (get_install_count(app_name:'Cisco APIC Software') > 0)
{
  var installs = get_installs(app_name:'Cisco APIC Software', port:jport);
  var length = 0;
  if (!isnull(installs)) length = length(installs[1]);

  if (length > 0)
  {
    exit(0, 'The remote host is a Cisco APIC, and therefore not affected.');
  }
}

var app_info = vcf::get_app_info(app:appname, port:jport, webapp:TRUE);
vcf::check_granularity(app_info:app_info, sig_segments:3);

var constraints = [{'min_version':'1.2','fixed_version':'3.5.0'}];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING,flags:{xss:TRUE});

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
28 May 2020 00:00Current
7.7High risk
Vulners AI Score7.7
CVSS24.3
CVSS36.1 - 6.9
EPSS0.382
SSVC
2810
.json
Report