Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM : jQuery UI vulnerability (USN-5181-1)

The remote Ubuntu 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5181-1 advisory. It was discovered that jQuery UI did not properly validate the values from untrusted sources. An attacker could use this...

Cross-site Scripting (XSS)

Overview org.webjars.bower:jquery-validation is a Client-side form validation made easy Affected versions of this package are vulnerable to Cross-site Scripting XSS in the showLabel function, which may take input from a user-controlled placeholder value. This value will populate a message via...

org.webjars.bower:boosted (>=3.2.0 <=3.3.3), org.webjars.bower:jpkleemans-angular-validate (=1.1.1) +14 more potentially affected by CVE-2025-3573 via org.webjars.bower:jquery-validation (>=1.13.1 <=1.19.5)

org.webjars.bower:jquery-validation MAVEN version =1.13.1, =3.2.0, =0.1.13, =1.8.0, =2.6.0, =2.7.1, =2.9.1, =3.27.0, =3.28.2, =3.31.0 and more Source cves: CVE-2025-3573 Source advisory: SNYK:JAVA-ORGWEBJARSBOWER-9788112...

Cross-site Scripting (XSS)

Overview org.webjars.bowergithub.jquery-validation:jquery-validation is a Client-side form validation made easy Affected versions of this package are vulnerable to Cross-site Scripting XSS in the showLabel function, which may take input from a user-controlled placeholder value. This value will...

Cross-site Scripting (XSS)

Overview org.webjars:jquery-validation is a Client-side form validation made easy Affected versions of this package are vulnerable to Cross-site Scripting XSS in the showLabel function, which may take input from a user-controlled placeholder value. This value will populate a message via...

Cross-site Scripting (XSS)

Overview org.webjars.npm:jquery-validation is a Client-side form validation made easy Affected versions of this package are vulnerable to Cross-site Scripting XSS in the showLabel function, which may take input from a user-controlled placeholder value. This value will populate a message via...

Cross-site Scripting (XSS)

Overview jquery-validation is a Client-side form validation made easy Affected versions of this package are vulnerable to Cross-site Scripting XSS in the showLabel function, which may take input from a user-controlled placeholder value. This value will populate a message via $.validator.messages ...

@archey347/uf_blog (=0.0.0), @boldreports/angular-reporting-components (>=5.1.20 <=11.1.10) +19 more potentially affected by CVE-2025-3573 via jquery-validation (>=1.14.0 <=1.19.5)

jquery-validation NPM version =1.14.0, =5.1.20, =5.1.20, =5.1.20, =0.0.4, =4.0.0, =5.0.0, =0.0.2, =0.2.2, =3.0.0, =5.0.0, =5.0.0, =0.11.28, =0.0.8, =0.0.13 and more Source cves: CVE-2025-3573 Source advisory: SNYK:JS-JQUERYVALIDATION-5952285...

io.github.ezadmin126:ezadmin-common (>=3.0.0 <=3.1.1), io.github.ezadmin126:ezadmin-core (>=2.9.12 <=2.11.5) +14 more potentially affected by CVE-2025-3573 via org.webjars:jquery-validation (>=1.12.0 <=1.19.5)

org.webjars:jquery-validation MAVEN version =1.12.0, =3.0.0, =2.9.12, =3.0.3, =3.0.0, =1.0.2, =2.9.7, =1.8, =1.7, =1.8, =1.7, =1.5, =1.4, =2.0, =2.0, =3.14, =3.25.0 and more Source cves: CVE-2025-3573 Source advisory: SNYK:JAVA-ORGWEBJARS-9788110...

JQuery < 3.5.0 XSS

In JQuery version greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of JQuery's DOM manipulation methods i.e. .html, .append, and others may execute untrusted code. Initial CVE-2020-23064 mentioned in the...

USN-6419-1 jqueryui vulnerabilities

Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue only affected Ubuntu 14.04 LT...

USN-6419-1: jQuery UI vulnerabilities

Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary web script or HTML code injection. A remote attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue only affected Ubuntu 14.04 LT...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : jQuery UI vulnerabilities (USN-6419-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6419-1 advisory. Hong Phat Ly discovered that jQuery UI did not properly manage parameters from untrusted sources, which could lead to arbitrary w...

CVE-2023-5113

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

Cross site scripting

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

CVE-2023-5113 Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

CVE-2023-5113

CVE-2023-5113 affects HP Enterprise LaserJet and HP LaserJet Managed Printers. The vulnerability arises from WS-Print handling and possible Cross-Site Scripting via jQuery-UI, enabling denial of service and XSS conditions. Documented impact is a MEDIUM severity with network access required and us...

CVE-2023-5113 Certain HP Enterprise LaserJet, LaserJet Managed printers - Potential denial of service, potential Cross Site Scripting (XSS)

Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to denial of service due to WS-Print request and potential injections of Cross Site Scripting via jQuery-UI...

Security Bulletin: The IBM® Engineering Lifecycle Engineering product using jQuery 3.2.1 is vulnerable to Cross Site Scripting - CVE-2019-11358

Summary Applications using jQuery before 3.4.0 are vulnerable cross site scripting for CVE-2019-11358. Following IBM® Engineering Lifecycle Engineering product is vulnerable to this attack, it has been addressed in this bulletin: IBM Jazz Reporting Service Vulnerability Details CVEID:CVE-2019-113...

Security Bulletin: Multiple vulnerabilities identified in jQuery-UI affects IBM Engineering Lifecycle Optimization - Publishing

Summary This Security Bulletin addresses security vulnerabilities with JQuery that have been remediated in latest iFixes of IBM Engineering Lifecycle Optimization - Publishing Vulnerability Details CVEID:CVE-2021-41184 DESCRIPTION: jQuery jQuery-UI is vulnerable to cross-site scripting, caused by...