Lucene search
K

84 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/03/26 9:13 a.m.4 views

Multiple vulnerabilities in PowerCMS

Overview PowerCMS provided by Alfasado Inc. contains multiple vulnerabilities listed below. Injection CWE-74 - CVE-2025-29993 Dependency on vulnerable third-party component CWE-1395 - CVE-2021-21252 Alfasado Inc. reported this vulnerability to IPA to notify users of its solution through JVN...

7.5CVSS7.1AI score0.03532EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2021-21252

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package jquery-validation. jquery-validation before...

7.5CVSS5.4AI score0.03532EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 12:48 p.m.4 views

Malicious code in jquery-validation-utils (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/06/25 12:48 p.m.10 views

MAL-2024-2569 Malicious code in jquery-validation-utils (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
vulnersOsv
vulnersOsv
added 2023/10/09 11:46 p.m.5 views

io.github.ezadmin126:ezadmin-common (>=3.0.0 <=3.1.1), io.github.ezadmin126:ezadmin-core (>=2.9.12 <=2.11.5) +14 more potentially affected by CVE-2025-3573 via org.webjars:jquery-validation (>=1.12.0 <=1.19.5)

org.webjars:jquery-validation MAVEN version =1.12.0, =3.0.0, =2.9.12, =3.0.3, =3.0.0, =1.0.2, =2.9.7, =1.8, =1.7, =1.8, =1.7, =1.5, =1.4, =2.0, =2.0, =3.14, =3.25.0 and more Source cves: CVE-2025-3573 Source advisory: SNYK:JAVA-ORGWEBJARS-9788110...

6.1CVSS6.7AI score0.00292EPSS
Exploits0
Snyk
Snyk
added 2023/10/09 11:46 p.m.3 views

Cross-site Scripting (XSS)

Overview org.webjars.npm:jquery-validation is a Client-side form validation made easy Affected versions of this package are vulnerable to Cross-site Scripting XSS in the showLabel function, which may take input from a user-controlled placeholder value. This value will populate a message via...

6.1CVSS5.3AI score0.00292EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2023/10/09 11:46 p.m.6 views

org.webjars.bower:boosted (>=3.2.0 <=3.3.3), org.webjars.bower:jpkleemans-angular-validate (=1.1.1) +14 more potentially affected by CVE-2025-3573 via org.webjars.bower:jquery-validation (>=1.13.1 <=1.19.5)

org.webjars.bower:jquery-validation MAVEN version =1.13.1, =3.2.0, =0.1.13, =1.8.0, =2.6.0, =2.7.1, =2.9.1, =3.27.0, =3.28.2, =3.31.0 and more Source cves: CVE-2025-3573 Source advisory: SNYK:JAVA-ORGWEBJARSBOWER-9788112...

6.1CVSS6.7AI score0.00292EPSS
Exploits0
Snyk
Snyk
added 2023/10/09 11:46 p.m.3 views

Cross-site Scripting (XSS)

Overview org.webjars.bower:jquery-validation is a Client-side form validation made easy Affected versions of this package are vulnerable to Cross-site Scripting XSS in the showLabel function, which may take input from a user-controlled placeholder value. This value will populate a message via...

6.1CVSS5.3AI score0.00292EPSS
Exploits0References2
Snyk
Snyk
added 2023/10/09 11:46 p.m.2 views

Cross-site Scripting (XSS)

Overview org.webjars:jquery-validation is a Client-side form validation made easy Affected versions of this package are vulnerable to Cross-site Scripting XSS in the showLabel function, which may take input from a user-controlled placeholder value. This value will populate a message via...

6.1CVSS5.3AI score0.00292EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2023/10/09 11:46 p.m.6 views

@archey347/uf_blog (=0.0.0), @boldreports/angular-reporting-components (>=5.1.20 <=11.1.10) +19 more potentially affected by CVE-2025-3573 via jquery-validation (>=1.14.0 <=1.19.5)

jquery-validation NPM version =1.14.0, =5.1.20, =5.1.20, =5.1.20, =0.0.4, =4.0.0, =5.0.0, =0.0.2, =0.2.2, =3.0.0, =5.0.0, =5.0.0, =0.11.28, =0.0.8, =0.0.13 and more Source cves: CVE-2025-3573 Source advisory: SNYK:JS-JQUERYVALIDATION-5952285...

6.1CVSS6.7AI score0.00292EPSS
Exploits0
Snyk
Snyk
added 2023/10/09 11:46 p.m.1 views

Cross-site Scripting (XSS)

Overview org.webjars.bowergithub.jquery-validation:jquery-validation is a Client-side form validation made easy Affected versions of this package are vulnerable to Cross-site Scripting XSS in the showLabel function, which may take input from a user-controlled placeholder value. This value will...

6.1CVSS5.3AI score0.00292EPSS
Exploits0References2
Snyk
Snyk
added 2023/10/09 11:46 p.m.2 views

Cross-site Scripting (XSS)

Overview jquery-validation is a Client-side form validation made easy Affected versions of this package are vulnerable to Cross-site Scripting XSS in the showLabel function, which may take input from a user-controlled placeholder value. This value will populate a message via $.validator.messages ...

6.1CVSS5.3AI score0.00292EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/27 5:17 p.m.35 views

Security Bulletin: IBM Engineering Workflow Management (EWM) vulnerability CVE-2021-21252

Summary There is a vulnerability CVE-2021-21252 which affects IBM Engineering Workflow Management EWM. Vulnerability Details CVEID:CVE-2021-21252 DESCRIPTION: jQuery Validation Plugin is vulnerable to a denial of service, caused by a regular expression denial of service ReDoS flaw when validating...

7.5CVSS6.2AI score0.03532EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2022/07/19 12:0 a.m.22 views

WordPress Jquery Validation For Contact Form 7 plugin cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site request forgery...

4.3CVSS4.5AI score0.00368EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/07/17 11:15 a.m.2 views

CVE-2022-2144

The Jquery Validation For Contact Form 7 WordPress plugin before 5.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog options like defaultrole, userscanregister via a CSRF attack...

4.3CVSS5.9AI score0.00368EPSS
Exploits2References2
NVD
NVD
added 2022/07/17 11:15 a.m.16 views

CVE-2022-2144

The Jquery Validation For Contact Form 7 WordPress plugin before 5.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog options like defaultrole, userscanregister via a CSRF attack...

4.3CVSS0.00368EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/07/17 10:36 a.m.20 views

CVE-2022-2144 Jquery Validation For Contact Form 7 < 5.3 - Arbitrary Options Update via CSRF

The Jquery Validation For Contact Form 7 WordPress plugin before 5.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog options like defaultrole, userscanregister via a CSRF attack...

4.9AI score0.00368EPSS
Exploits2References1
Veracode
Veracode
added 2022/07/15 5:14 p.m.87 views

Regular Expression Denial Of Service (ReDoS)

jquery-validation is vulnerable to regular expression denial of service. The vulnerability exists in the url parse function in src/core.js, and due to insufficient regular expression complexity checks an attacker can cause a ReDoS when supplying input to the url parse function. This CVE exists du...

7.5CVSS7AI score0.01562EPSS
Exploits2References4Affected Software1
NVD
NVD
added 2022/07/14 8:15 p.m.14 views

CVE-2022-31147

The jQuery Validation Plugin jquery-validation provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service ReDoS when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...

7.5CVSS0.01562EPSS
Exploits1References3
Prion
Prion
added 2022/07/14 8:15 p.m.42 views

Input validation

The jQuery Validation Plugin jquery-validation provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service ReDoS when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix...

5CVSS7.5AI score0.01562EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder