
304 matches found

OSV
added 2024/10/17 10:15 p.m. | 14 views

CVE-2024-30875

Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the window.addEventListener component...

CVSS 7.1 | AI score 6.8 | EPSS 0.19752
Exploits: 0 | References: 2
CNNVD
added 2024/10/17 12:0 a.m. | 1 views

jQuery UI Security Vulnerability

jQuery UI is a jQuery open source set of carefully curated user interface interactions, effects, widgets and themes built on jQuery. A security vulnerability exists in jQuery UI version v.1.13.1, which stems from the presence of a cross-site scripting vulnerability that allows remote attackers to...

CVSS 7.1 | AI score 6.5 | EPSS 0.19752
Exploits: 0 | References: 4
Vulnrichment
added 2024/10/17 12:0 a.m. | 11 views

CVE-2024-30875

Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the window.addEventListener component. NOTE: this is disputed by the Supplier because it cannot be reproduced, a...

AI score 6.9 | EPSS 0.19752
Exploits: 0 | References: 1
Cvelist
added 2024/10/17 12:0 a.m. | 225 views

CVE-2024-30875

Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the window.addEventListener component. NOTE: this is disputed by the Supplier because it cannot be reproduced, a...

EPSS 0.19752
Exploits: 0 | References: 1
CVE
added 2024/10/17 12:0 a.m. | 56 views

CVE-2024-30875

CVE-2024-30875 affects jquery-ui v1.13.1 with a Cross-Site Scripting (XSS) vulnerability via the window.addEventListener component. IBM’s bulletin confirms the issue and lists affected IBM Robotic Process Automation products, with remediation paths to update to 21.0.7.19+ or 23.0.20+ (Cloud Pak a...

CVSS 7.1 | AI score 6.9 | EPSS 0.19752
Exploits: 0 | References: 1
OSSF Malicious Packages
added 2024/09/30 2:12 a.m. | 3 views

Malicious code in jquery-ui-smoothness (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cbde2167eb940c597861a429b583a7e45ac7225bee0da328cc03ddbbcb363beb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 | References: 1
OSV
added 2024/09/30 2:12 a.m. | 4 views

MAL-2024-9054 Malicious code in jquery-ui-smoothness (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cbde2167eb940c597861a429b583a7e45ac7225bee0da328cc03ddbbcb363beb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 | References: 1
Oracle Linux
added 2024/09/30 12:0 a.m. | 32 views

ovirt-engine security update

4.4.10.7-1.0.33 - Fix external providers properties observability 4.4.10.7-1.0.32 - Upgrade bundled frontend dependency of jquery-ui 4.4.10.7-1.0.31 - Allow enrolling certificates in non-responsive state and Extend the lifetime of non-web certificates 4.4.10.7-1.0.30 - Fix network exception...

CVSS 4.4 | AI score 7.4 | EPSS 0.00146
Exploits: 0
OSV
added 2024/09/13 2:38 p.m. | 18 views

RHSA-2017:0161 Red Hat Security Advisory: python-XStatic-jquery-ui security update

Bulletin has no description...

CVSS 6.1 | AI score 6.4 | EPSS 0.01778
Exploits: 1 | References: 8
OSV
added 2024/09/13 2:37 p.m. | 15 views

RHSA-2016:2933 Red Hat Security Advisory: python-XStatic-jquery-ui security update

Bulletin has no description...

CVSS 6.1 | AI score 6.4 | EPSS 0.01778
Exploits: 1 | References: 8
OSV
added 2024/09/13 2:37 p.m. | 13 views

RHSA-2016:2932 Red Hat Security Advisory: python-XStatic-jquery-ui security update

Bulletin has no description...

CVSS 6.1 | AI score 6.4 | EPSS 0.01778
Exploits: 1 | References: 8
OSSF Malicious Packages
added 2024/07/14 6:29 a.m. | 3 views

Malicious code in jquery-ui-dialog (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f1ac81ca06088c1af7f942bcd5c3e05a81ee19ded09f4417b8eea369da63f3c3 The OpenSSF Package Analysis project identified 'jquery-ui-dialog' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

AI score 6.9
Exploits: 0
OSV
added 2024/07/14 6:29 a.m. | 8 views

MAL-2024-7743 Malicious code in jquery-ui-dialog (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f1ac81ca06088c1af7f942bcd5c3e05a81ee19ded09f4417b8eea369da63f3c3 The OpenSSF Package Analysis project identified 'jquery-ui-dialog' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

AI score 7.1
Exploits: 0
OSV
added 2024/07/12 12:0 a.m. | 15 views

OPENSUSE-SU-2024:14131-1 python310-XStatic-jquery-ui-1.13.0.1-1.15 on GA media

These are all security issues fixed in the python310-XStatic-jquery-ui-1.13.0.1-1.15 package on the GA media of openSUSE Tumbleweed...

CVSS 6.1 | AI score 6.6 | EPSS 0.01778
Exploits: 1 | References: 1
OSSF Malicious Packages
added 2024/06/25 12:48 p.m. | 3 views

Malicious code in jquery-ui-custom (npm)

--- -= Per source details. Do not edit below this line.=-...

AI score 7
Exploits: 0 | References: 1
OSV
added 2024/06/25 12:48 p.m. | 4 views

MAL-2024-2568 Malicious code in jquery-ui-custom (npm)

--- -= Per source details. Do not edit below this line.=-...

AI score 7.1
Exploits: 0 | References: 1
Tenable Nessus
added 2024/06/03 12:0 a.m. | 27 views

RHEL 7 : yelp-xsl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jquery-ui: XSS vulnerability in jQuery.ui.dialog title option CVE-2010-5312 - jquery-ui: XSS vulnerabilit...

CVSS 6.1 | AI score 6.8 | EPSS 0.07046
Exploits: 1 | References: 2
Tenable Nessus
added 2024/06/03 12:0 a.m. | 21 views

RHEL 6 : yelp-xsl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jquery-ui: XSS vulnerability in jQuery.ui.dialog title option CVE-2010-5312 - jquery-ui: XSS vulnerabilit...

CVSS 6.1 | AI score 6.6 | EPSS 0.07046
Exploits: 1 | References: 2
OSV
added 2024/03/06 10:54 a.m. | 32 views

BIT-DRUPAL-2021-41183 XSS in `*Text` options of the Datepicker widget

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various Text options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various Text options are now alway...

CVSS 6.5 | AI score 6.5 | EPSS 0.03097
Exploits: 1 | References: 19
OSV
added 2024/03/06 10:54 a.m. | 28 views

BIT-DRUPAL-2021-41184 XSS in the `of` option of the `.position()` util

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the of option of the .position util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the of option is now treated as a CSS...

CVSS 6.5 | AI score 6.8 | EPSS 0.31104
Exploits: 2 | References: 16