Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2010-5312

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web...

6.1CVSS6.9AI score0.18351EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.15 views

Fedora 37 : drupal7 (2022-c4334d5277)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c4334d5277 advisory. - 7.92 - 7.91 - SA-CORE-2022-012 / CVE-2022-25275 - 7.90 - 7.89 - 7.88 - SA-CORE-2022-003 / CVE-2022-25271 - 7.87 - 7.86 - SA-CORE-2022-001 /...

7.5CVSS7.1AI score0.44515EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2022/12/23 12:0 a.m.52 views

Fedora 36 : drupal7 (2022-9d655503ea)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-9d655503ea advisory. - 7.92 - 7.91 - SA-CORE-2022-012 / CVE-2022-25275 - 7.90 - 7.89 - 7.88 - SA-CORE-2022-003 / CVE-2022-25271 - 7.87 - 7.86 - SA-CORE-2022-001 /...

7.5CVSS7.1AI score0.44515EPSS
Exploits6References8
OpenVAS
OpenVAS
added 2022/01/20 12:0 a.m.27 views

Drupal 7.x < 7.86 Multiple XSS Vulnerabilities (SA-CORE-2022-002) - Linux

Drupal is prone to multiple cross-site scripting XSS vulnerabilities in jQuery UI. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

7.1AI score
Exploits0References1
Drupal
Drupal
added 2022/01/19 12:0 a.m.122 views

Drupal core - Moderately critical - Cross site scripting - SA-CORE-2022-002

jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. In addition to the issue covered by SA-CORE-2022-001, further security...

6.5CVSS0.8AI score0.39361EPSS
Exploits4References10
Tenable Nessus
Tenable Nessus
added 2022/01/19 12:0 a.m.55 views

Drupal 7.x < 7.86 / 9.2.x < 9.2.11 / 9.3.x < 9.3.3 Multiple Vulnerabilities (drupal-2022-01-19)

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.86, 9.2.x prior to 9.2.11, or 9.3.x prior to 9.3.3. It is, therefore, affected by multiple vulnerabilities. - Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dial...

6.5CVSS7.2AI score0.44515EPSS
Exploits6References13
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/30 1:47 p.m.94 views

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities

Summary Security vulnerabilities have been addressed in IBM Cognos Analytics. Vulnerability Details CVEID: CVE-2010-5312 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the...

9.1CVSS0.6AI score0.2258EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/12/08 5:46 a.m.39 views

Security Bulletin: jQuery UI title/default content cross-site scripting (CVE-2012-6662 and CVE-2010-5312)

Question Security Bulletin: jQuery UI title/default content cross-site scripting CVE-2012-6662 and CVE-2010-5312 Answer Abstract: The jQuery UI is vulnerable to cross-site scripting which is caused by improper validation of user-supplied input as well as input by the default content. A remote...

6.1CVSS0.2AI score0.18351EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.27 views

Oracle: Security Advisory (ELSA-2015-1462)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.9AI score0.18351EPSS
Exploits1References2
Debian
Debian
added 2015/06/29 8:29 p.m.68 views

[SECURITY] [DLA 258-1] jqueryui security update

Package : jqueryui Version : 1.8.dfsg-3+deb6u1 CVE ID : CVE-2010-5312 Shadowman131 discovered that jqueryui, a JavaScript UI library for dynamic web applications, failed to properly sanitize its "title" option. This would allow a remote attacker to inject arbitrary code through cross-site scripti...

6.1CVSS6.4AI score0.18351EPSS
Exploits1
Mageia
Mageia
added 2014/12/31 12:28 p.m.53 views

Updated couchdb packages fix CVE-2010-5312

Updated couchdb packages fix security vulnerability: Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option CVE-2010-5312. The embedded copy of jQuery UI in...

6.1CVSS2.8AI score0.18351EPSS
Exploits1References2
OSV
OSV
added 2014/12/31 12:28 p.m.8 views

MGASA-2014-0559 Updated couchdb packages fix CVE-2010-5312

Updated couchdb packages fix security vulnerability: Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option CVE-2010-5312. The embedded copy of jQuery UI in...

6.1CVSS6.1AI score0.18351EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2014/11/24 4:59 p.m.47 views

CVE-2010-5312

Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

6.1CVSS6.7AI score0.18351EPSS
Exploits1References1
CVE
CVE
added 2014/11/24 12:0 a.m.232 views

CVE-2010-5312

CVE-2010-5312 is a cross-site scripting (XSS) vulnerability in the jQuery UI Dialog widget (jquery.ui.dialog.js) where the title option for the dialog could be attacker-controlled to inject arbitrary script/HTML. It affects jQuery UI prior to 1.10.0. Public disclosures across Debian, Fedora, Red ...

6.1CVSS6AI score0.18351EPSS
Exploits1References19Affected Software1
Debian CVE
Debian CVE
added 2014/11/24 12:0 a.m.30 views

CVE-2010-5312

Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

6.1CVSS6.4AI score0.18351EPSS
Exploits1
Rows per page
Query Builder