Lucene search
+L

17 matches found

ibm
ibm
added 2026/03/30 8:4 p.m.15 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version v12.1.0.2 Vulnerability Details CVEID:CVE-2012-6708 DESCRIPTION: jQuery before 1.9.0 is vulnerable to Cross-site Scripting XSS attacks. The jQuerystrInput function does not differentiate selectors from HTML in a reliable...

7.8CVSS6.7AI score0.87218EPSS
Exploits13Affected Software1
nessus
nessus
added 2026/01/20 12:0 a.m.10 views

MiracleLinux 8 : idm:client (AXSA:2021-1594:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1594:01 advisory. js-jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 bootstrap: XSS in the data-target attribute CVE-2016-10735 bootstrap:...

6.9CVSS7AI score0.99019EPSS
Exploits17References11
mscve
mscve
added 2024/09/11 7:0 a.m.6 views

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option causing text/javascript responses to be executed.

...

6.1CVSS7.1AI score0.29726EPSS
Exploits2
susecve
susecve
added 2023/02/15 5:10 a.m.5 views

SUSE CVE-2015-9251

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.1CVSS8AI score0.29726EPSS
Exploits2References8
redhat
redhat
added 2023/01/31 1:18 p.m.7 views

jquery: Cross-site scripting via cross-domain ajax requests

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.1CVSS6.6AI score0.29726EPSS
Exploits2References4
redhat
redhat
added 2023/01/31 1:15 p.m.7 views

jquery: Cross-site scripting via cross-domain ajax requests

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.1CVSS6.6AI score0.29726EPSS
Exploits2References4
redhat
redhat
added 2023/01/31 1:15 p.m.7 views

jquery: Cross-site scripting via cross-domain ajax requests

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.1CVSS6.6AI score0.29726EPSS
Exploits2References4
redhat
redhat
added 2020/11/04 1:39 a.m.8 views

jquery: Cross-site scripting via cross-domain ajax requests

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.1CVSS6.6AI score0.29726EPSS
Exploits2References4
redhat
redhat
added 2020/11/04 1:31 a.m.5 views

jquery: Cross-site scripting via cross-domain ajax requests

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.1CVSS6.6AI score0.29726EPSS
Exploits2References4
redhat
redhat
added 2020/09/29 9:12 p.m.3 views

jquery: Cross-site scripting via cross-domain ajax requests

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.1CVSS6.6AI score0.29726EPSS
Exploits2References4
redhat
redhat
added 2020/03/26 3:46 p.m.5 views

jquery: Cross-site scripting via cross-domain ajax requests

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.1CVSS6.6AI score0.29726EPSS
Exploits2References4
freebsd
freebsd
added 2019/03/05 12:0 a.m.152 views

rt -- XSS via jQuery

BestPractical reports: The version of jQuery used in RT 4.2 and 4.4 has a Cross-site Scripting XSS vulnerability when using cross-domain Ajax requests. This vulnerability is assigned CVE-2015-9251. RT does not use this jQuery feature so it is not directly vulnerable. jQuery version 1.12 no longer...

6.1CVSS6.6AI score0.29726EPSS
Exploits2References2
osv
osv
added 2018/01/18 11:29 p.m.5 views

UBUNTU-CVE-2015-9251

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.1CVSS6.8AI score0.29726EPSS
Exploits2References5
osv
osv
added 2018/01/18 11:29 p.m.7 views

AZL-45099 CVE-2015-9251 affecting package python-blinker for versions less than 1.7.0-4

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

6.1CVSS6.8AI score0.29726EPSS
Exploits2References1
attackerkb
attackerkb
added 2018/01/18 12:0 a.m.89 views

CVE-2015-9251

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. Recent assessments: ze3ter at July 13, 2021 1:47pm UTC reported: Assessed Attacker Value: 3 Assessed...

6.1CVSS2.1AI score0.29726EPSS
Exploits2References39
hackerone
hackerone
added 2015/11/05 2:2 a.m.43 views

HackerOne: Cross-domain AJAX request

Hi, Two weeks ago, I found a Cross-domain AJAX request, but due to the fact that you uses a very strict Content Security Policy, I hesitated to send this. Today, I noticed that bug has been fixed. But this fix can be bypassed. This example not working now screenshot 1:...

0.2AI score
Exploits0
ptsecurity
ptsecurity
added 2007/04/10 12:0 a.m.10 views

PT-2007-1156

Name of the Vulnerable Software and Affected Versions: jquery versions prior to 3.0.0 Description: The issue is related to the lack of protection for the structure of web pages, allowing a remote attacker to perform cross-site scripting using cross-domain ajax requests. When a cross-domain Ajax...

8.1CVSS7.5AI score0.99019EPSS
Exploits23References192
Rows per page
Query Builder