15 matches found
Linux Distros Unpatched Vulnerability : CVE-2010-5312
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web...
Fedora 37 : drupal7 (2022-c4334d5277)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c4334d5277 advisory. - 7.92 - 7.91 - SA-CORE-2022-012 / CVE-2022-25275 - 7.90 - 7.89 - 7.88 - SA-CORE-2022-003 / CVE-2022-25271 - 7.87 - 7.86 - SA-CORE-2022-001 /...
Fedora 36 : drupal7 (2022-9d655503ea)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-9d655503ea advisory. - 7.92 - 7.91 - SA-CORE-2022-012 / CVE-2022-25275 - 7.90 - 7.89 - 7.88 - SA-CORE-2022-003 / CVE-2022-25271 - 7.87 - 7.86 - SA-CORE-2022-001 /...
Drupal 7.x < 7.86 Multiple XSS Vulnerabilities (SA-CORE-2022-002) - Linux
Drupal is prone to multiple cross-site scripting XSS vulnerabilities in jQuery UI. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Drupal core - Moderately critical - Cross site scripting - SA-CORE-2022-002
jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. In addition to the issue covered by SA-CORE-2022-001, further security...
Drupal 7.x < 7.86 / 9.2.x < 9.2.11 / 9.3.x < 9.3.3 Multiple Vulnerabilities (drupal-2022-01-19)
According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.86, 9.2.x prior to 9.2.11, or 9.3.x prior to 9.3.3. It is, therefore, affected by multiple vulnerabilities. - Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dial...
Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities
Summary Security vulnerabilities have been addressed in IBM Cognos Analytics. Vulnerability Details CVEID: CVE-2010-5312 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the...
Security Bulletin: jQuery UI title/default content cross-site scripting (CVE-2012-6662 and CVE-2010-5312)
Question Security Bulletin: jQuery UI title/default content cross-site scripting CVE-2012-6662 and CVE-2010-5312 Answer Abstract: The jQuery UI is vulnerable to cross-site scripting which is caused by improper validation of user-supplied input as well as input by the default content. A remote...
Oracle: Security Advisory (ELSA-2015-1462)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 258-1] jqueryui security update
Package : jqueryui Version : 1.8.dfsg-3+deb6u1 CVE ID : CVE-2010-5312 Shadowman131 discovered that jqueryui, a JavaScript UI library for dynamic web applications, failed to properly sanitize its "title" option. This would allow a remote attacker to inject arbitrary code through cross-site scripti...
Updated couchdb packages fix CVE-2010-5312
Updated couchdb packages fix security vulnerability: Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option CVE-2010-5312. The embedded copy of jQuery UI in...
MGASA-2014-0559 Updated couchdb packages fix CVE-2010-5312
Updated couchdb packages fix security vulnerability: Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option CVE-2010-5312. The embedded copy of jQuery UI in...
CVE-2010-5312
Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...
CVE-2010-5312
CVE-2010-5312 is a cross-site scripting (XSS) vulnerability in the jQuery UI Dialog widget (jquery.ui.dialog.js) where the title option for the dialog could be attacker-controlled to inject arbitrary script/HTML. It affects jQuery UI prior to 1.10.0. Public disclosures across Debian, Fedora, Red ...
CVE-2010-5312
Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...