PT-2014-2424 · Jquery +2 · Jquery Ui +2

Name of the Vulnerable Software and Affected Versions: jQuery UI versions prior to 1.10.0 Description: A cross-site scripting XSS issue exists in the default content option in jquery.ui.tooltip.js in the Tooltip widget. This allows remote attackers to inject arbitrary web script or HTML via the...

CVE-2010-5312

Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

CVE-2010-5312

Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

SA-CONTRIB-2014-012- Modal Frame API - Cross Site Scripting (XSS)

This module enables provides an API to render an iframe within a modal dialog based on the jQuery UI Dialog plugin. You should not install this module unless another module requires you to, or you wish to use it for your own custom modules. The module doesn't sufficiently filter user supplied tex...