304 matches found
DEBIAN-CVE-2022-31160
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents...
Cross site scripting
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents...
UBUNTU-CVE-2022-31160
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents...
CVE-2022-31160 jQuery UI contains potential XSS vulnerability when refreshing a checkboxradio with an HTML-like initial text label
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents...
EUVD-2022-6344
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents...
jQuery 跨站脚本漏洞
jQuery is the United States John Resig individual developers of a set of open source , cross-browser JavaScript library . The library simplifies the operation between HTML and JavaScript, and features modularity, plug-in extensions, and so on. A cross-site scripting vulnerability exists in jQuery...
CVE-2022-31160 jQuery UI contains potential XSS vulnerability when refreshing a checkboxradio with an HTML-like initial text label
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents...
CVE-2022-31160 jQuery UI contains potential XSS vulnerability when refreshing a checkboxradio with an HTML-like initial text label
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents...
CVE-2022-31160
CVE-2022-31160 affects jQuery UI versions prior to 1.13.2. The issue occurs when initializing a checkboxradio widget on an input inside a label; the label contents can be treated as the input label, and refreshing with .checkboxradio("refresh") on such a widget may decode encoded HTML entities in...
CVE-2022-31160
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents...
Cross-site Scripting (XSS)
jquery-ui is vulnerable to cross-site scripting attacks. The vulnerability exists in the widget function in checkboxradio.js due to a lack of input sanitization which allows a malicious attacker to inject and execute malicious javascript...
GHSA-H6GJ-6JJQ-H8G9 jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label
Impact Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. If you call .checkboxradio "refresh" on such a widget and the initial HTML contained encoded HTML entities, they will erroneously get decoded. This can le...
@atlassian/aui (>=8.2.4 <=9.5.1), @chinchilla-software/ng-date-time-picker (>=1.0.0 <=1.0.1) +135 more potentially affected by CVE-2022-31160 via jquery-ui (>=1.10.4 <=1.13.1)
jquery-ui NPM version =1.10.4, =8.2.4, =1.0.0, =1.0.0, =0.1.0, =2.3.2, =6.4.0, =1.1.42, =5.0.0-110, =0.0.0, =2.1.1, =4.0.0, =1.0.0-alpha.0, =11.0.0, =17.0.0-dev.3 and more Source cves: CVE-2022-31160 Source advisory: OSV:GHSA-H6GJ-6JJQ-H8G9...
org.webjars.npm:evol-colorpicker (=3.4.2), org.webjars.npm:jquery-ui-multidatespicker (=1.6.6) potentially affected by CVE-2022-31160 via org.webjars.npm:jquery-ui (=1.13.0-rc.3)
org.webjars.npm:jquery-ui MAVEN version =1.13.0-rc.3 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:jquery-ui and may be impacted: - org.webjars.npm:evol-colorpicker =3.4.2 - org.webjars.npm:jquery-ui-multidatespicker =1.6.6 Source cve...
jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label
Impact Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. If you call .checkboxradio "refresh" on such a widget and the initial HTML contained encoded HTML entities, they will erroneously get decoded. This can le...
PT-2022-20575 · Jquery +5 · Jquery Ui +5
Name of the Vulnerable Software and Affected Versions: jQuery UI versions prior to 1.13.2 Moodle versions prior to 3.11.17-alt1 Description: jQuery UI, a collection of user interface interactions, effects, widgets, and themes built on jQuery, is susceptible to a cross-site scripting XSS issue...
jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label
Impact Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. If you call .checkboxradio "refresh" on such a widget and the initial HTML contained encoded HTML entities, they will erroneously get decoded. This can le...
pcs security update
0.11.1-10.el90.1 - Updated bundled rubygems: sinatra, rack-protection - Resolves: rhbz2081333 0.11.1-10 - Fixed snmp client - Fixed translating resource roles in colocation constraint - Resolves: rhbz2048640 0.11.1-9 - Fixed cluster destroy in web ui - Fixed covscan issue in web ui - Resolves:...
[R3] Nessus Version 10.2.0 Fixes Multiple Vulnerabilities
R3 Nessus Version 10.2.0 Fixes Multiple Vulnerabilities Arnie Cabral Thu, 05/26/2022 - 09:30 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components zlib, expat, jQuery UI were found to contain vulnerabilities, and updated versions hav...
SUSE-SU-2022:1729-1 Security update for ardana-barbican, grafana, openstack-barbican, openstack-cinder, openstack-heat-gbp, openstack-horizon-plugin-gbp-ui, openstack-ironic, openstack-keystone, openstack-neutron-gbp, python-lxml, release-notes-suse-openstack-cloud
This update for ardana-barbican, grafana, openstack-barbican, openstack-cinder, openstack-heat-gbp, openstack-horizon-plugin-gbp-ui, openstack-ironic, openstack-keystone, openstack-neutron-gbp, python-lxml, release-notes-suse-openstack-cloud fixes the following issues: Security fixes included on...