54 matches found

Prion
added 2021/10/26 3:15 p.m. | 32 views

Code injection

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now...

CVSS 4.3 | AI score 6.1 | EPSS 0.37788
Exploits 1 | References 16 | Affected Software 21
Github Security Blog
added 2021/10/26 2:55 p.m. | 284 views

XSS in the `of` option of the `.position()` util in jquery-ui

Impact: Accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. For example, invoking the following code: `$("element").position({ my: "left top", at: "right bottom", of: "", collision: "none" });` will call the doEvilThing function. Patches: The...

CVSS 6.5 | AI score 0.6 | EPSS 0.42847
Exploits 2 | References 22 | Affected Software 4
Cvelist
added 2021/10/26 12:00 a.m. | 50 views

CVE-2021-41184 XSS in the `of` option of the `.position()` util

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS...

CVSS 6.5 | AI score 6.9 | EPSS 0.42847
Exploits 2 | References 14
Debian CVE
added 2021/10/26 12:00 a.m. | 26 views

CVE-2021-41184

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS...

CVSS 6.5 | AI score 6.1 | EPSS 0.42847
Exploits 2
CVE
added 2021/09/27 7:35 p.m. | 114 views

CVE-2021-41098

Summary (CVE-2021-41098, Nokogiri on JRuby): The Nokogiri Rubygem (v1.12.4 and earlier) on JRuby exposes an XXE-related flaw by resolving external entities by default in the SAX parser. Affected classes include Nokogiri::XML::SAX::Parser, Nokogiri::HTML4::SAX::Parser (and Nokogiri::HTML::SAX::Par...

CVSS 7.5 | AI score 7.5 | EPSS 0.01583
Exploits 0 | References 2 | Affected Software 1
CNVD
added 2021/06/01 12:00 a.m. | 6 views

Unspecified vulnerability in css-what

css-what is a CSS selector parser. A security vulnerability exists in css-what versions prior to 5.0.1, which stems from the fact that the css-what package does not ensure that attribute parsing has linear time complexity with respect to input size. No details of the vulnerability are available at...

CVSS 7.5 | AI score 6.5 | EPSS 0.02267
Exploits 0 | References 1
CVE
added 2020/12/30 12:00 a.m. | 265 views

CVE-2020-26247

Nokogiri (Ruby) contains an XXE/SSRF risk in XML schemas parsed by Nokogiri::XML::Schema due to the default trust-on-parse behavior. This is fixed in version 1.11.0.rc4; upgrading to 1.11.0.rc4+ mitigates the issue. The CVE-2020-26247 entry notes the vulnerability and its fix; multiple advisories...

CVSS 4.3 | AI score 4.4 | EPSS 0.01293
Exploits 0 | References 8 | Affected Software 1
Friends Of PHP
added 2020/03/26 2:02 p.m. | 18 views

makeCollapsible allows applying event handler to any CSS selector

More info at https://phabricator.wikimedia.org/T246602...

CVSS 5.3 | AI score 7.2 | EPSS 0.01123
Exploits 1 | Affected Software 1
CNVD
added 2019/12/06 12:00 a.m. | 2 views

Google Chrome Blink Resource Management Error Vulnerability (CNVD-2019-44527)

Google Chrome is a web browser from Google, a U.S. company. Blink is a browser rendering (layout) engine developed by Google together with Norway's Opera Software. A resource management error vulnerability exists in the 'WebCore::CSSSelector' function of Blink in Google Chrome prior to version...

CVSS 7.5 | AI score 6.6 | EPSS 0.00605
Exploits 0 | References 1
Apple
added 2017/01/23 3:54 a.m. | 45 views

About the security content of Safari 9.0.3 - Apple Support

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website. For information about...

CVSS 9.3 | AI score 0.2 | EPSS 0.045
Exploits 0 | Affected Software 4
CNVD
added 2016/01/23 12:00 a.m. | 4 views

Apple iOS WebKit Information Disclosure Vulnerability (CNVD-2016-00527)

Apple iOS is Apple's operating system for several smart devices. Apple iOS mishandles the "a:visited button" CSS selector, which allows an attacker to build a malicious web page and trick the user into loading it, from which the page can determine whether the user has visited a particular link...

CVSS 4.3 | AI score 8.4 | EPSS 0.01686
Exploits 0 | References 1
seebug.org
added 2010/07/27 12:00 a.m. | 47 views

Firefox CSS Selector Cross-Domain Information Disclosure Vulnerability

BUGTRAQ ID: 41872 CVE ID: CVE-2010-0654 Firefox is a popular open-source web browser. If an attacker can inject the opening and closing parts of a CSS selector at two points A and B of the target page, the part between the two injection points can be read through the getComputedStyle API. Mozilla Firefox 3.6.x Mozilla Firefox 3.5.x Mozilla Thunderbird 3.1.x Mozilla Thunderbird 3.0.x Mozilla SeaMonkey 2.0.6 Vendor patch: Mozilla -------...

CVSS 4.3 | AI score 0.4 | EPSS 0.01867
Exploits 2
OpenVAS
added 2010/07/26 12:00 a.m. | 37 views

Mozilla Products Multiple Vulnerabilities (MFSA2010-34, MFSA2010-39, MFSA2010-40, MFSA2010-42, MFSA2010-46, MFSA2010-47) - Windows

Mozilla Firefox/SeaMonkey/Thunderbird are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3 | AI score 8.7 | EPSS 0.09782
Exploits 10 | References 7
Exploit DB
added 2010/02/24 12:00 a.m. | 44 views

iPhone - 'WebCore::CSSSelector()' Remote Crash


AI score 7.4
Exploits 0