Fedora 37 : drupal7 (2022-c4334d5277)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c4334d5277 advisory. - 7.92 - 7.91 - SA-CORE-2022-012 / CVE-2022-25275 - 7.90 - 7.89 - 7.88 - SA-CORE-2022-003 / CVE-2022-25271 - 7.87 - 7.86 - SA-CORE-2022-001 /...

Ubuntu: Security Advisory (USN-6419-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : jQuery UI vulnerabilities (USN-6419-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6419-1 advisory. Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary w...

Fedora 36 : drupal7 (2022-9d655503ea)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-9d655503ea advisory. - 7.92 - 7.91 - SA-CORE-2022-012 / CVE-2022-25275 - 7.90 - 7.89 - 7.88 - SA-CORE-2022-003 / CVE-2022-25271 - 7.87 - 7.86 - SA-CORE-2022-001 /...

jQuery UI Cross-site Scripting (CVE-2016-7103)

A cross-site scripting vulnerability exists in jQuery UI. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

CVE-2016-7103

creationtimestamp| type| source ---|---|--- 2022-05-23 12:12:20+00:00| seen| MISP/e4a31d0c-457f-42ae-9030-0af010bf2c63 2024-01-09 16:11:28+00:00| seen| https://t.me/ctinow/165088...

Drupal 7.x < 7.86 Multiple XSS Vulnerabilities (SA-CORE-2022-002) - Linux

Drupal is prone to multiple cross-site scripting XSS vulnerabilities in jQuery UI. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Drupal core - Moderately critical - Cross site scripting - SA-CORE-2022-002

jQuery UI is a third-party library used by Drupal. This library was previously thought to be end-of-life. Late in 2021, jQuery UI announced that they would be continuing development, and released a jQuery UI 1.13.0 version. In addition to the issue covered by SA-CORE-2022-001, further security...

Drupal 7.x < 7.86 / 9.2.x < 9.2.11 / 9.3.x < 9.3.3 Multiple Vulnerabilities (drupal-2022-01-19)

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.86, 9.2.x prior to 9.2.11, or 9.3.x prior to 9.3.3. It is, therefore, affected by multiple vulnerabilities. - Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dial...

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities

Summary Security vulnerabilities have been addressed in IBM Cognos Analytics. Vulnerability Details CVEID: CVE-2010-5312 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the...

Oracle Database Server Multiple Vulnerabilities (Apr 2020 CPU)

The remote Oracle Database Server is missing the April 2020 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities: - Vulnerability in the Oracle Multimedia component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable...

Fedora Update for rubygem-jquery-ui-rails FEDORA-2019-a96124345a

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Oracle Primavera Unifier Multiple Vulnerabilities (July 2018 CPU)

According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.x prior to 16.2.15.0, 17.x prior to 17.12.7.0, or 18.x prior to 18.7.0.0. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for the...

Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by a Using Components with Known Vulnerabilities vulnerability

Summary IBM Security Guardium Big Data Intelligence SonarG has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2016-7103 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the dialog function. A remote...

Fedora Update for python-XStatic-jquery-ui FEDORA-2017-1bf5a0ce01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for python-XStatic-jquery-ui FEDORA-2017-e2d17af41e

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

@mlnmln/test-component (>=0.0.0 <=0.0.1), algoliasearch-extensions-bundle (>=1.2.1 <=4.3.9) +58 more potentially affected by CVE-2016-7103 via jquery-ui (>=1.10.4 <=1.12.0-rc.2)

jquery-ui NPM version =1.10.4, =0.0.0, =1.2.1, =0.0.7-g, =0.0.1-a, =1.0.2, =0.10.1, =0.0.9, =0.12.1, =0.1.1, =0.3.0, =0.0.1, =0.0.5, =0.2.0 and more Source cves: CVE-2016-7103 Source advisory: OSV:GHSA-HPCF-8VF9-Q4GJ...

SUSE-SU-2017:2351-1 Security update for python-XStatic-jquery-ui

This update for python-XStatic-jquery-ui fixes the following issues: - CVE-2016-7103: possible cross-site scripting in dialog closeText could lead to arbitrary code injection bsc996004...

CVE-2016-7103

Cross-site scripting XSS vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function...

CVE-2016-7103

Cross-site scripting XSS vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function...