Lucene search
K

2429 matches found

Prion
Prion
added 2007/04/30 11:19 p.m.25 views

Design/Logic Flaw

The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

5CVSS9.1AI score0.02771EPSS
Exploits0References3
OSV
OSV
added 2007/04/30 11:19 p.m.12 views

CVE-2007-2379

The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

6.7AI score
Exploits0References3
NVD
NVD
added 2007/04/30 11:19 p.m.41 views

CVE-2007-2379

The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

5CVSS9.2AI score0.02771EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/04/30 11:0 p.m.49 views

CVE-2007-2379

The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

9.2AI score0.02771EPSS
Exploits0References3
CVE
CVE
added 2007/04/30 11:0 p.m.335 views

CVE-2007-2379

CVE-2007-2379 affects the jQuery framework, where data is exchanged as JSON without an associated protection scheme. This enables JavaScript Hijacking: a remote attacker can obtain data by a page that retrieves it through a URL in the SRC attribute of a SCRIPT element and reads it with other Java...

5CVSS6.5AI score0.02771EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2007/04/30 11:0 p.m.60 views

CVE-2007-2379

Removed by vendor...

5CVSS6.3AI score0.02771EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2007/04/30 12:0 a.m.12 views

PT-2007-3712 · Jquery · Jquery

Name of the Vulnerable Software and Affected Versions: jQuery affected versions not specified Description: The issue allows remote attackers to obtain data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript...

5CVSS6AI score0.02771EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2007/04/10 12:0 a.m.10 views

PT-2007-1156

Name of the Vulnerable Software and Affected Versions: jquery versions prior to 3.0.0 Description: The issue is related to the lack of protection for the structure of web pages, allowing a remote attacker to perform cross-site scripting using cross-domain ajax requests. When a cross-domain Ajax...

8.1CVSS7.5AI score0.99019EPSS
Exploits22References192
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.69 views

Expression Web 4 Service Pack 2 (KB2571841)

Microsoft Expression Web 4 Service Pack 2 SP2 contains significant fixes and improvements. It includes support for jQuery, image thumbnails in the Folder List panel, a new Snippets panel, universal comment/uncomment, custom toolbars, and custom workspaces...

3.9AI score
Exploits0
Rows per page
Query Builder