Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in jQuery UI (CVE-2022-31160)

Summary A cross-site scripting vulnerability in jQuery UI used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2022-31160 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio...

Fedora 39 : roundcubemail (2023-217194e950)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-217194e950 advisory. Release 1.6.3 - Fix bug where installto.sh/update.sh scripts were removing some essential options from the config file 9051 - Update jQuery-UI to version...

SUSE CVE-2010-5312

Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

SUSE CVE-2012-6662

Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM : jQuery UI vulnerability (USN-5181-1)

The remote Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5181-1 advisory. It was discovered that jQuery UI did not properly validate the values from untrusted sources. An attacker could use this...

USN-6419-1 jqueryui vulnerabilities

Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue only affected Ubuntu 14.04 LT...

USN-6419-1: jQuery UI vulnerabilities

Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue only affected Ubuntu 14.04 LT...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : jQuery UI vulnerabilities (USN-6419-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6419-1 advisory. Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary w...

CVE-2023-5113

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

Cross site scripting

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

CVE-2023-5113 Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

CVE-2023-5113

CVE-2023-5113 affects HP Enterprise LaserJet and HP LaserJet Managed Printers. The vulnerability arises from WS-Print handling and possible Cross-Site Scripting via jQuery-UI, enabling denial of service and XSS conditions. Documented impact is a MEDIUM severity with network access required and us...

CVE-2023-5113 Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

Security Bulletin: Multiple vulnerabilities identified in jQuery-UI affects IBM Engineering Lifecycle Optimization - Publishing

Summary This Security Bulletin addresses security vulnerabilities with JQuery that have been remediated in latest iFixes of IBM Engineering Lifecycle Optimization - Publishing Vulnerability Details CVEID:CVE-2021-41184 DESCRIPTION: jQuery jQuery-UI is vulnerable to cross-site scripting, caused by...

Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI. Update your printer firmware...

Nessus Network Monitor < 6.2.2 Multiple Vulnerabilities (TNS-2023-23)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.2.2. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-23 advisory. Several of the third-party components were found to contain vulnerabilities, and updat...

Security Bulletin: IBM Aspera Shares is vulnerable to cross-site scripting due to JQuery-UI (CVE-2021-41184, CVE-2021-41183, CVE-2021-41182)

Summary This Security Bulletin addresses security vulnerabilities with JQuery that have been remediated in IBM Aspera Shares 1.10.0 PL1. Vulnerability Details CVEID:CVE-2021-41184 DESCRIPTION: jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Security Bulletin: There is a vulnerability in jQuery UI used by IBM Maximo Asset Management (CVE-2022-31160)

Summary There is a vulnerability in jQuery UI used by IBM Maximo Asset Management . Vulnerability Details CVEID:CVE-2022-31160 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio widget. A remote attacker could...

K000134507: jQuery UI vulnerability CVE-2022-31160

Security Advisory Description jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes...

Security Bulletin: There is a vulnerability in jQuery UI used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-31160)

Summary There is a vulnerability in jQuery UI used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-31160 DESCRIPTION: jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio...