Malicious code in jquery-ui-slider-pips (npm)

The package jquery-ui-slider-pips was found to contain malicious code...

MAL-2025-23901 Malicious code in jquery-ui.ruler (npm)

The package jquery-ui.ruler was found to contain malicious code...

MAL-2025-23903 Malicious code in jquery.ui.widget.js (npm)

The package jquery.ui.widget.js was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

SUSE CVE-2022-31160

jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents...

CVE-2023-5113

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

RHEL 7 : python-XStatic-jquery-ui (RHSA-2016:2932)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2016:2932 advisory. jquery-ui javascript library packaged for setuptools easyinstall / pip. The following packages have been upgraded to a newer upstream version:...

Moodle 3.11.x < 3.11.16 JQuery UI Library Upgrade

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.23 or 3.11.x prior to 3.11.16. The JQuery UI library included with Moodle has been upgraded to version 1.13.2, which includes fixes for multiples security issues. Note that the scanner has not...

Moodle < 3.9.23 JQuery UI Library Upgrade

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.23 or 3.11.x prior to 3.11.16. The JQuery UI library included with Moodle has been upgraded to version 1.13.2, which includes fixes for multiples security issues. Note that the scanner has not...

Linux Distros Unpatched Vulnerability : CVE-2021-41182

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the altField option of the Datepicker widget from...

Linux Distros Unpatched Vulnerability : CVE-2021-41183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various Text options of the Datepicker widget from...

Linux Distros Unpatched Vulnerability : CVE-2021-41184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the of option of the .position util from untrusted...

Linux Distros Unpatched Vulnerability : CVE-2012-6662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote...

Linux Distros Unpatched Vulnerability : CVE-2010-5312

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web...

Fedora 37 : js-jquery-ui (2022-7291b78111)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-7291b78111 advisory. A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to Cross-site scripting XSS attack via the initializatio...

RHEL 7 : python-XStatic-jquery-ui (RHSA-2017:0161)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2017:0161 advisory. jQuery UI is a set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript library. Security Fixes: It was...

The vulnerability of the jQuery UI JavaScript library, related to the lack of protective measures for website structures, allows attackers to execute cross-site scripting attacks.

The vulnerability of the jQuery UI JavaScript library is related to the lack of protective measures for website structures. Exploiting this vulnerability could allow attackers to execute cross-site scripting attacks...

JQuery UI 1.13.1 XSS

The version of JQuery UI library hosted on the remote web server is prior to 1.13.1. It is, therefore, affected by a cross-site scripting vulnerability in the JQuery UI that allows remote attackers to obtain sensitive information and execute arbitrary code by injecting a crafted payload into the...

SUSE CVE-2024-30875

Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the window.addEventListener component. NOTE: this is disputed by the Supplier because it cannot be reproduced, a...

CVE-2024-30875

A Cross-site scripting XSS vulnerability was found in the jquery-ui library. If a user visits a malicious website, a remote attacker may be able to obtain sensitive information and execute arbitrary code via a specially crafted payload to the window.addEventListener component. Mitigation Mitigati...

CVE-2024-30875

Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the window.addEventListener component...