2 matches found
CVE-2015-9478
prettyPhoto before 3.1.6 has js/jquery.prettyPhoto.js XSS...
CVE-2015-9478
CVE-2015-9478 affects prettyPhoto prior to 3.1.6, specifically the getHashtag function in js/jquery.prettyPhoto.js, enabling a DOM-based XSS when user-supplied data after the # is not encoded. Impact is described as XSS with partial integrity/low confidentiality impact in public CVE notes; exact ...