2424 matches found
jquery-plugin-query-object security vulnerability
jquery-plugin-query-object is an application. It is used for query string modification and creation in jQuery. A security vulnerability exists in jquery-plugin-query-object 2.2.3, which stems from an improperly controlled modification of the object prototype property that allows a malicious user ...
PT-2021-13765 · Unknown · Jquery-Deparam
Name of the Vulnerable Software and Affected Versions: jquery-deparam version 0.5.1 Description: The issue allows a malicious user to inject properties into Object.prototype through 'Prototype Pollution'. This occurs due to improperly controlled modification of object prototype attributes in...
PT-2021-13764
Name of the Vulnerable Software and Affected Versions: jquery-bbq version 1.2.1 Description: The issue is related to improperly controlled modification of object prototype attributes, also known as 'Prototype Pollution'. This allows a malicious user to inject properties into Object.prototype...
jquery-bbq security vulnerability
jquery-bbq is an application. jQuery BBQ enables simple but powerful hash history via the cross-browser window.onhashchange event. A security vulnerability exists in jquery-bbq 1.2.1, which stems from an improperly controlled modification of the Object.prototype property that allows a malicious...
jquery-deparam security vulnerability
jquery-deparam is a software application. Extracts $.deparam from Ben Alman's jquery-bbq and includes license information. A security vulnerability exists in jquery-deparam 0.5.1, which stems from an improperly controlled modification of object prototype properties that allows a malicious user t...
PT-2021-13762 · Unknown · Jquery-Sparkle
Name of the Vulnerable Software and Affected Versions: jquery-sparkle version 1.5.2-beta Description: The issue is related to 'Prototype Pollution' in the jquery-sparkle library, allowing a malicious user to inject properties into Object.prototype. Recommendations: For jquery-sparkle version...
Amazon Linux 2 : ipa (ALAS-2021-1626)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1626 advisory. A flaw was found in jQuery. HTML containing elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest...
Medium: ipa
Issue Overview: A flaw was found in jQuery. HTML containing elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...
jQuery 1.0.3 - Cross-Site Scripting (XSS)
Exploit Title: jQuery 1.0.3 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.0.3 and before 3.5.0 CVE : CVE-2020-11023 Proof of Concept 1: Proof of Concept 2 Only jQuery 3.x affected: "...
jQuery 1.2 - Cross-Site Scripting Vulnerability
Exploit Title: jQuery 1.2 - Cross-Site Scripting XSS Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.2 and before 3.5.0 CVE : CVE-2020-11022 Proof of Concept 1: 0day.today 2021-10-19...
jQuery 1.2 - Cross-Site Scripting (XSS)
Exploit Title: jQuery 1.2 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.2 and before 3.5.0 CVE : CVE-2020-11022 Proof of Concept 1:...
jQuery 1.2 Cross Site Scripting
Exploit Title: jQuery 1.2 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.2 and before 3.5.0 CVE : CVE-2020-11022 Proof of Concept 1:...
jQuery 1.0.3 Cross Site Scripting
Exploit Title: jQuery 1.0.3 - Cross-Site Scripting XSS Date: 04/29/2020 Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.0.3 and before 3.5.0 CVE : CVE-2020-11023 Proof of Concept 1: Proof of Concept 2 Only jQuery 3.x affected: "...
jQuery 1.0.3 - Cross-Site Scripting Vulnerability
Exploit Title: jQuery 1.0.3 - Cross-Site Scripting XSS Exploit Author: Central InfoSec Version: jQuery versions greater than or equal to 1.0.3 and before 3.5.0 CVE : CVE-2020-11023 Proof of Concept 1: Proof of Concept 2 Only jQuery 3.x affected: " 0day.today 2021-10-19...
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities
Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID: CVE-2018-1288 DESCRIPTION: Apache Kafka could allow a remote authenticated attacker to bypass security restrictions. By using a manually created fetch request interfering with data replication, an attacker cou...
OTRS 6.0.x <= 7.0.24, 8.0.x <= 8.0.11 ReDoS Vulnerability
OTRS is prone to a regular expression denial of service (ReDoS) vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
jQuery File Tree Directory Traversal (CVE-2017-1000170)
A directory traversal vulnerability exists in jQuery File Tree. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
AZL-45222 CVE-2021-23358 affecting package js-jquery 3.5.0-4
The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized...
[SECURITY] [DLA 2608-1] jquery security update
Debian LTS Advisory DLA-2608-1 https://www.debian.org/lts/security/ Roberto C. Sánchez March 25, 2021 https://wiki.debian.org/LTS Package : jquery Version : 3.1.1-2+deb9u2 CVE ID : CVE-2020-11022 CVE-2020-11023 Two vulnerabilities have been discovered in jquerys handli...
Debian DLA-2608-1 : jquery security update
Two vulnerabilities have been discovered in jquery's handling of untrusted HTML which may result in execution of untrusted code. For Debian 9 stretch, these problems have been fixed in version 3.1.1-2+deb9u2. We recommend that you upgrade your jquery packages. For the detailed security status of...