2405 matches found
K62532311: jQuery vulnerability CVE-2012-6708
Security Advisory Description jQuery before 1.9.0 is vulnerable to Cross-site Scripting XSS attacks. The jQuerystrInput function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the ' Identified L...
K29562170: jQuery vulnerability CVE-2015-9251
Security Advisory Description jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.CVE-2015-9251 Impact This vulnerability allows a remote attacker to perfo...
GHSA-H685-83W4-3PH3 iziModal Cross-site Scripting vulnerability
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
iziModal Cross-site Scripting vulnerability
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
CVE-2021-32860
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
CVE-2021-32860
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
Cross site scripting
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
GHSA-CRH5-VV2V-C82Q @claviska/jquery-minicolors vulnerable to Cross-site Scripting
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6...
@claviska/jquery-minicolors vulnerable to Cross-site Scripting
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6...
DEBIAN-CVE-2021-32850
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6...
CVE-2021-32850
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6...
CVE-2021-32850
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6...
UBUNTU-CVE-2021-32850
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6...
Cross site scripting
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6...
Jquery UI 1.13.1 in use which is vulnerable to CVE-2022-31160
Description Jquery UI 1.13.1 in use which is vulnerable to CVE-2022-31160 Proof of Concept 1 Go to https://demo.limesurvey.org/tmp/assets/15bf41ab/jquery-ui.min.js and note that jquery-ui 1.13.1 is in use. 2 Check...
MAL-2023-537 Malicious code in jquery-mask (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60c2e86401517688fc0bdbd68e989cce56834a9c11090e0a27fd0e0b5cdf9ca2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in jquery-mask (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60c2e86401517688fc0bdbd68e989cce56834a9c11090e0a27fd0e0b5cdf9ca2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2021-32860
The CVE-2021-32860 issue affects the jQuery modal plugin iziModal (versions prior to 1.6.1). It describes an XSS vulnerability where untrusted modal titles can be exploited to inject arbitrary HTML/JavaScript code executed in the user context. The root cause is lack of validation/escaping for the...
Moodle 3.9.x < 3.9.5 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.5.x prior to 3.5.17, 3.8.x prior to 3.8.8, 3.9.x prior to 3.9.5 or 3.10.x prior to 3.10.2. It is, therefore, affected by multiple vulnerabilities: - A stored Cross-Site Scripting XSS vulnerability attack due to the lack of sanitization of th...
CVE-2021-32850 jQuery MiniColors vulnerable to Cross-site Scripting
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6...