Cross-site Scripting (XSS)

jquery-ui is vulnerable to cross-site scripting. An attacker can inject and execute malicious javascript through the updateAlternate function in datepicker.js as it does not properly sanitize altField...