2424 matches found

Github Security Blog
added 2017/10/24 6:33 p.m. | 802 views

jQuery-UI vulnerable to Cross-site Scripting in dialog closeText

Affected versions of jquery-ui are vulnerable to a cross-site scripting vulnerability when arbitrary user input is supplied as the value of the closeText parameter in the dialog function. jQuery-UI is a library for manipulating UI elements via jQuery. Version 1.11.4 has a cross site scripting (XSS)...

6.1 CVSS | 3.4 AI score | 0.01778 EPSS
Exploits: 1 | References: 39 | Affected Software: 4

vulnersOsv
added 2017/10/24 6:33 p.m. | 2 views

@mlnmln/test-component (>=0.0.0 <=0.0.1), algoliasearch-extensions-bundle (>=1.2.1 <=4.3.9) +58 more potentially affected by CVE-2016-7103 via jquery-ui (>=1.10.4 <=1.12.0-rc.2)

jquery-ui NPM version =1.10.4, =0.0.0, =1.2.1, =0.0.7-g, =0.0.1-a, =1.0.2, =0.10.1, =0.0.9, =0.12.1, =0.1.1, =0.3.0, =0.0.1, =0.0.5, =0.2.0 and more Source cves: CVE-2016-7103 Source advisory: OSV:GHSA-HPCF-8VF9-Q4GJ...

6.1 CVSS | 6.8 AI score | 0.01778 EPSS
Exploits: 1

OSV
added 2017/10/24 6:33 p.m. | 174 views

GHSA-HPCF-8VF9-Q4GJ jQuery-UI vulnerable to Cross-site Scripting in dialog closeText

Affected versions of jquery-ui are vulnerable to a cross-site scripting vulnerability when arbitrary user input is supplied as the value of the closeText parameter in the dialog function. jQuery-UI is a library for manipulating UI elements via jQuery. Version 1.11.4 has a cross site scripting (XSS)...

6.1 CVSS | 6.2 AI score | 0.01778 EPSS
Exploits: 1 | References: 39

Hacker One
added 2017/10/24 10:51 a.m. | 17 views

Infogram: Outdated jQuery Version

During analysis, it was observed that the application is using outdated jQuery version i.e. 1.11.2...

6.9 AI score
Exploits: 0

Exploit DB
added 2017/10/24 12:0 a.m. | 24 views

FS Crowdfunding Script - 'id' SQL Injection

Exploit Title: FS Crowdfunding Script - 'id' SQL Injection Date: 2017-10-24 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/crowdfunding-script/ Version: 24 October 17 Tested on: Kali Linux 2.0 | Mac OS 10.12.6 Email:...

7.4 AI score
Exploits: 0

RubySec
added 2017/10/24 12:0 a.m. | 25 views

Cross-site Scripting in jquery-ui

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

6.1 CVSS | 6 AI score | 0.05931 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

exploitpack
added 2017/10/24 12:0 a.m. | 14 views

FS Crowdfunding Script - id SQL Injection

FS Crowdfunding Script - id SQL Injection Exploit Title: FS Crowdfunding Script - 'id' SQL Injection Date: 2017-10-24 Exploit Author: 8bitsec Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/crowdfunding-script/ Version: 24 October 17 Tested on: Kali...

0.3 AI score
Exploits: 0

RubySec
added 2017/10/24 12:0 a.m. | 25 views

Moderate severity vulnerability that affects jquery-ui

Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

4.3 CVSS | 6.1 AI score | 0.07046 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Openbugbounty
added 2017/10/21 5:4 p.m. | 19 views

nao.gov.bh XSS vulnerability

Open Bug Bounty ID: OBB-359559

Description| Value
---|---
Affected Website:| nao.gov.bh
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

6.3 AI score
Exploits: 0

Prion
added 2017/10/18 6:29 p.m. | 17 views

Open redirect

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...

5.8 CVSS | 7 AI score | 0.0494 EPSS
Exploits: 0 | References: 5 | Affected Software: 3

UbuntuCve
added 2017/10/18 6:29 p.m. | 19 views

CVE-2015-7943

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...

6.1 CVSS | 6.7 AI score | 0.00674 EPSS
Exploits: 0 | References: 3

OSV
added 2017/10/18 6:29 p.m. | 0 views

UBUNTU-CVE-2015-7943

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...

6.1 CVSS | 6.7 AI score | 0.00674 EPSS
Exploits: 0 | References: 4

NVD
added 2017/10/18 6:29 p.m. | 15 views

CVE-2015-7943

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...

6.1 CVSS | 6.2 AI score | 0.00674 EPSS
Exploits: 0 | References: 5

ATTACKERKB
added 2017/10/18 6:29 p.m. | 2 views

CVE-2015-7943

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...

6.1 CVSS | 5.8 AI score | 0.0494 EPSS
Exploits: 0 | References: 6

Cvelist
added 2017/10/18 6:0 p.m. | 25 views

CVE-2015-7943

Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector...

6.2 AI score | 0.00674 EPSS
Exploits: 0 | References: 5

CVE
added 2017/10/18 6:0 p.m. | 78 views

CVE-2015-7943

CVE-2015-7943 describes an open redirect vulnerability in Drupal 7.x where the Overlay module does not sufficiently validate URLs, enabling redirects to arbitrary sites and phishing via unspecified vectors. Affected are: Drupal core Overlay module in 7.x before 7.41; the jQuery Update module (7.x...

6.1 CVSS | 6.2 AI score | 0.00674 EPSS
Exploits: 0 | References: 5 | Affected Software: 3

Debian CVE
added 2017/10/18 6:0 p.m. | 23 views

CVE-2015-7943

Removed by vendor...

6.1 CVSS | 6.2 AI score | 0.00674 EPSS
Exploits: 0

CNVD
added 2017/10/12 12:0 a.m. | 2 views

UI-Dialog Arbitrary Command Execution Vulnerability

UI-Dialog is a pop-up box plugin in jQuery UI, a set of JavaScript libraries. An arbitrary command execution vulnerability exists in UI-Dialog 1.09 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary commands...

9.8 CVSS | 9.5 AI score | 0.04844 EPSS
Exploits: 0 | References: 1

OSV
added 2017/09/05 12:41 p.m. | 8 views

SUSE-SU-2017:2351-1 Security update for python-XStatic-jquery-ui

This update for python-XStatic-jquery-ui fixes the following issues: - CVE-2016-7103: possible cross-site scripting in dialog closeText could lead to arbitrary code injection bsc996004...

6.1 CVSS | 6.3 AI score | 0.01778 EPSS
Exploits: 1 | References: 3

GithubExploit
added 2017/07/08 4:5 a.m. | 1 views

html-social-share-buttons

It is an HTML/CSS/JavaScript library for adding social media sha...

6.1 AI score
Exploits: 0