EUVD-2022-0739

Malicious code in bioql PyPI...

GHSA-X9R5-JXVQ-4387 jquery.terminal self XSS on user input

Impact This is low impact and limited XSS, because code for XSS payload is always visible, but attacker can use other techniques to hide the code the victim sees. Also if the application use execHash option and execute code from URL the attacker can use this URL to execute his code. The scope is...

Cross site scripting

jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...

CVE-2021-43862 Self XSS on user input

jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...

CVE-2021-43862

Vulnerability context: CVE-2021-43862 affects the jQuery Terminal Emulator (a plugin for command-line interfaces in apps). The issue is a self-XSS via the execHash option when code is loaded from a URL, allowing an attacker to run crafted input in the victim’s browser. The impact is described as ...

jQuery 跨站脚本漏洞

jQuery is the United States John Resig individual developers of a set of open source , cross-browser JavaScript library . The library simplifies the operation between HTML and JavaScript, and features modularity, plug-in extensions, and so on. A cross-site scripting vulnerability exists in jQuery...