2402 matches found
CentOS 9 : gcc-11.5.0-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the gcc-11.5.0-5.el9 build changelog. - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing i...
Moderate: tbb security update
Threading Building Blocks TBB is a C++ runtime library that abstracts the low-level threading details necessary for optimal multi-core performance. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the securit...
Moderate: tbb security update
Threading Building Blocks TBB is a C++ runtime library that abstracts the low-level threading details necessary for optimal multi-core performance. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the securit...
Azure Linux 3.0 Security Update: js-jquery (CVE-2019-20149)
The version of js-jquery installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-20149 advisory. - ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attribute...
jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods
A flaw was found in jQuery. HTML containing \ elements from untrusted sources are passed, even after sanitizing, to one of jQuery's DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity...
Security Bulletin: Multiple vulnerabilities fixed in IBM Security Verify Governance - Containerized Identity Manager
Summary Multiple security vulnerabilities have been addressed in the update to IBM Security Verify Governance - Containerized Identity Manager component. Vulnerability Details CVEID:CVE-2019-11358 DESCRIPTION: jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improp...
Malicious code in jquery.pstrength (npm)
--- -= Per source details. Do not edit below this line.=-...
Ubuntu: Security Advisory (USN-7246-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7246-1 jquery vulnerabilities
It was discovered that jQuery incorrectly handled parsing untrusted HTML. A remote attacker could possibly use this issue to execute arbitrary code...
USN-7246-1: jQuery vulnerabilities
It was discovered that jQuery incorrectly handled parsing untrusted HTML. A remote attacker could possibly use this issue to execute arbitrary code...
Security Bulletin: Vulnerabilities in jQuery affect watsonx.data
Summary jQuery is vulnerable to cross site scripting attacks and to untrusted code execution attacks. These could affect watsonx.data. Vulnerability Details CVEID:CVE-2015-9251 DESCRIPTION: jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remot...
The Bug Report - January 2025 Edition
The Bug Report - January 2025 Edition By Jonathan Omakun · January 30, 2025 Why am I here? Ah, January—the month of resolutions, regrets, and, apparently, really bad code. While you’re trying to get back to the gym or cut down on caffeine, attackers have been busy exploiting vulnerabilities faste...
Ubuntu 20.04 LTS : jQuery vulnerabilities (USN-7246-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7246-1 advisory. It was discovered that jQuery incorrectly handled parsing untrusted HTML. A remote attacker could possibly use this issue to execute arbitrary code...
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday placed a now-patched security flaw impacting the popular jQuery JavaScript library to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The medium-severity vulnerability is...
JQuery Cross-Site Scripting (XSS) Vulnerability
JQuery contains a persistent cross-site scripting XSS vulnerability. When passing maliciously formed, untrusted input enclosed in HTML tags, JQuery's DOM manipulators can execute untrusted code in the context of the user's browser...
CVE-2025-22798
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CHR Designer Responsive jQuery Slider responsive-jquery-slider allows Stored XSS.This issue affects Responsive jQuery Slider: from n/a through = 1.1.1...
CVE-2025-22798
CVE-2025-22798 affects Responsive jQuery Slider (CHR Designer Responsive jQuery Slider). The vulnerability is a Stored XSS caused by Improper Neutralization of Input During Web Page Generation, affecting the slider up to version 1.1.1 (inclusive). This mirrors Red Hat/Wordfence entries confirming...
CVE-2025-22798 WordPress Responsive jQuery Slider plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CHR Designer Responsive jQuery Slider responsive-jquery-slider allows Stored XSS.This issue affects Responsive jQuery Slider: from n/a through = 1.1.1...
WordPress plugin Responsive jQuery Slider 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...
CVE-2025-22546
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Obaid Hossain jQuery TwentyTwenty js-twentytwenty allows Stored XSS.This issue affects jQuery TwentyTwenty: from n/a through = 1.0...