3 matches found
CVE-2015-9251
CVE-2015-9251 affects jQuery before 3.0.0, enabling XSS when a cross-domain Ajax request omits the dataType option and text/javascript responses are executed. Connected advisories confirm the issue and indicate an upgrade resolves it; remediation is to upgrade jQuery to a fixed version as provide...
CVE-2019-11358
CVE-2019-11358 is a prototype pollution vulnerability in jQuery (before 3.4.0) where mishandling of extend(true, {}, ...) can extend Object.prototype if an unsanitized source object has an enumerable proto property. The Core issue is triggered when a polluted prototype is introduced via nested ob...
CVE-2017-3537
CVE-2017-3537 affects the Oracle Real-Time Scheduler component of Oracle Utilities Applications (Mobile Communications Platform) with affected versions 2.2.0.3.13, 2.3.0.0 and 2.3.0.1. AFFECTED FUNCTION/FILE: Oracle Real-Time Scheduler (Mobile Communications Platform subcomponent). Root cause: vu...