RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:2217)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2217 advisory. - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method CVE-2020-11022 Note that Nessus has not tested for this issue bu...

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.3 Vulnerability Details CVEID:CVE-2013-4660 DESCRIPTION: The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute...

Ubuntu: Security Advisory (USN-7658-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-7622-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Hitachi Energy MSM

SUMMARY Hitachi Energy is aware of the vulnerability CVE-2020-11022 that affects MSM versions as listed below. If an attacker successfully exploits this vulnerability, it could impact the confidentiality, integrity or availability of MSM. Please consult the Recommended Immediate Actions Section...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.7.

Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.7. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Any project that parses untrusted Protocol Buffers data containing an...

Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary jQuery is used by IBM Robotic Process Automation for Cloud Pak as part of Abbyy CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064. Kubernetes kube-apiserver is used by IBM Robotic Process Automation for Cloud Pak as part of the operator CVE-2020-8552. Go Go-Yam...

Advisory ROSA-SA-2025-2760

Software: doxygen 1.8.5 OS: rosa-server79 packageevrstring: doxygen-1.8.5-4.0.1.res7 CVE-ID: CVE-2020-11022 BDU-ID: 2020-05190 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the jQuery library is associated with a failure to take measures to protect the structure of a web page. Exploitation of th...

Linux Distros Unpatched Vulnerability : CVE-2020-11022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM...

doxygen security update

1:1.8.5-4.0.1 - Fix CVE-2020-11022 and CVE-2022-11023 in vendored jQuery Orabug: 37577394...

Oracle Linux 9 : doxygen (ELSA-2025-1329)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1329 advisory. 1:1.9.1-12 - Resolves: RHEL-78146, CVE-2020-11023, CVE-2020-11022 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Security Bulletin: Vulnerabilities in the jquery-1.10.0.js package affect Data Replication on Cloud Pak for Data

Summary Multiple vulnerabilities in the jquery-1.10.0.js package used in Data Replication on Cloud Pak for Data were addressed. Vulnerability Details CVEID:CVE-2020-11023 DESCRIPTION: In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing option elements from...

Oracle Siebel Server (October 2020 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the October 2020 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: UIF Open UI jQuery. The supported version that is affected is 20.8...

Oracle WebCenter Portal (October 2024 CPU)

The 12.2.1.4.0 versions of WebCenter Portal installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory. - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Security Framework jQuery. The supported...

Security Bulletin: Vulnerabilities in Apache Ant affect IBM Operations Analytics - Log Analysis (CVE-2020-11023, CVE-2020-23064, CVE-2020-11022)

Summary There are multple cross site scripting vulnerabilities in Apache Ant that effect IBM Operations Analytics - Log Analysis. These have been addressed. Vulnerability Details CVEID:CVE-2020-11023 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of...

RHEL 7 : jquery (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jquery: Cross-site scripting XSS via HTML tags containing whitespaces CVE-2020-7656 - In jQuery versions...

RHEL 6 : jquery (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jquery: Cross-site scripting XSS via HTML tags containing whitespaces CVE-2020-7656 - In jQuery versions...

RHEL 6 / 7 / 8 : Red Hat AMQ Interconnect 1.9.0 (RHSA-2020:4211)

The remote Redhat Enterprise Linux 6 / 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4211 advisory. Red Hat AMQ Interconnect is a component of the AMQ 7 product family. AMQ Interconnect provides flexible routing of messages between...

F5 Networks BIG-IP : jQuery vulnerability (K02453220)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4. It is, therefore, affected by a vulnerability as referenced in the K02453220 advisory. In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after...

Security Bulletin: IBM OpenPages for IBM Cloud Pak for Data is Vulnerable to jQuery cross-site scripting (CVE-2020-11022, CVE-2020-11023)

Summary There is a vulnerability in the jQuery OpenSource library used by IBM OpenPages for IBM Cloud Pak for Data. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2020-11022 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of...