CVE-2026-3279

The Enable jQuery Migrate Helper plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the downgradejqueryversion function in all versions up to, and including, 1.4.1. This is due to the function only verifying a nonce without checking user...

Astra Linux - уязвимость в jquery

In jQuery, starting from version 1.12.0 and before 3.5.0, passing HTML from untrusted sources—even after sanitizing it—to one of jQuery’s DOM manipulation methods e.g., .html, .append, etc. may execute untrusted code. This issue has been fixed in jQuery 3.5.0...

CVE-2026-21821

The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...

CVE-2026-21821 HCL BigFix SCM Reporting is affected by vulnerabilities in jQuery

The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...

CVE-2026-21821

The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...

EUVD-2026-30155

The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...

CVE-2026-21821

CVE-2026-21821 affects the HCL BigFix SCM Reporting site, which uses an outdated, end-of-life jQuery 1.x. The description highlights exposure to publicly known weaknesses and potential client-side attacks (e.g., XSS or manipulation via vulnerable third-party components). The CVSS metrics indicate...

PT-2026-40799

The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses and increase the risk of client-side...

Linux Distros Unpatched Vulnerability : CVE-2021-36713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross Site Scripting XSS vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function...

CVE-2024-32753 TYCO Illustra Pro Gen 4 - JQuery version

Under certain circumstances the camera may be susceptible to known vulnerabilities associated with the JQuery versions prior to 3.5.0 third-party component...

CVE-2024-32753 TYCO Illustra Pro Gen 4 - JQuery version

Under certain circumstances the camera may be susceptible to known vulnerabilities associated with the JQuery versions prior to 3.5.0 third-party component...

eZ Platform Bundled jQuery affected by CVE-2019-11358

In eZ Platform 2.x, ezsystems/ezplatform-admin-ui-assets before v4.2.0 includes jQuery version 3.3.1. This version of jQuery is affected by the security vulnerability https://www.cvedetails.com/cve/CVE-2019-11358/ This is fixed in jQuery version 3.4. We recommend that you upgrade your...

How to check jQuery version that used by NetScaler Gateway

NetScaler jQuery version check method...

Silverstripe CMS 跨站脚本漏洞

Silverstripe CMS is an application from Silverstripe New Zealand. Empower powerful digital teams by creating a platform for digital change. A cross-site scripting vulnerability exists in Silverstripe CMS versions prior to 4.12.0 that stems from the use of jQuery 1.7.2, which is affected by...

jQuery 1.2.0 < 3.5.0 Cross-Site Scripting

According to its self-reported version number, jQuery is at least 1.2.0 and prior to 3.5.0. Therefore, it may be affected by a cross-site scripting vulnerability via the regex operation in jQuery.htmlPrefilter. Note that the scanner has not tested for these issues but has instead relied only on t...

PT-2020-8631 · Jquery · Jquery

Name of the Vulnerable Software and Affected Versions: jQuery version 2.2.2 Description: The issue allows for cross-site scripting XSS attacks via a crafted onerror attribute of an IMG element. Recommendations: For jQuery version 2.2.2, consider disabling the use of the onerror attribute in IMG...

CVE-2015-9251

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

ALPINE-CVE-2015-9251

jQuery before 3.0.0 is vulnerable to Cross-site Scripting XSS attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed...

AZL-43897 CVE-2012-6708 affecting package python-httplib2 0.20.3-3

jQuery before 1.9.0 is vulnerable to Cross-site Scripting XSS attacks. The jQuerystrInput function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '' character anywhere in the string, giving...

AZL-44937 CVE-2012-6708 affecting package python-blinker for versions less than 1.7.0-4

jQuery before 1.9.0 is vulnerable to Cross-site Scripting XSS attacks. The jQuerystrInput function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '' character anywhere in the string, giving...