Lucene search
TathanassiadouBSERV-13449HistoryAug 24, 2022 - 2:53 p.m.
jquery 2.2.4 XSS vulnerability
2022-08-2414:53:45
tathanassiadou
jira.atlassian.com
120
0.061 Low
EPSS
Percentile
93.5%
Affected versions of Bitbucket Server and Data Center use a version of jQuery that is vulnerable to CVE-2020-11022 and CVE-2020-11023. These allow an unauthenticated attacker to inject Javascript into the application via Cross-Site Scripting (XSS) vulnerabilities.
A jquery patch has been applied for Bitbucket versions >= 7.10.0.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bitbucket data center | le | 7.9.0 | |
| bitbucket data center | lt | 7.10.0 |
Related
nessus
nessus
openSUSE Security Update : otrs (openSUSE-2020-1888)
2020-11-12 00:00:00
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.19)
2022-09-01 00:00:00
JQuery 1.2 < 3.5.0 Multiple XSS
2020-05-28 00:00:00
oraclelinux
oraclelinux
jquery-ui security update
2022-03-01 00:00:00
bootstrap security update
2021-08-09 00:00:00
ipa security and bug fix update
2021-03-19 00:00:00
ibm
ibm
debian
debian
[SECURITY] [DSA 4693-1] drupal7 security update
2020-05-26 21:08:38
[SECURITY] [DLA 2608-1] jquery security update
2021-03-26 01:32:42
suse
suse
Security update for otrs (moderate)
2020-11-10 00:00:00
Security update for cacti, cacti-spine (moderate)
2020-07-25 00:00:00
Security update for cacti, cacti-spine (moderate)
2020-07-28 00:00:00
osv
osv
jquery - security update
2021-03-25 00:00:00
drupal7 - security update
2020-05-26 00:00:00
Persistent Cross-site Scripting vulnerability in PrivateBin
2022-04-12 20:45:22
attackerkb
attackerkb
CVE-2020-11022
2020-04-29 00:00:00
CVE-2020-11023
2020-04-29 00:00:00
hp
hp
Certain HP Printers and MFP products - Cross-Site Scripting (XSS)
2020-09-17 00:00:00
openvas
openvas
openSUSE: Security Advisory for otrs (openSUSE-SU-2020:1888-1)
2020-11-10 00:00:00
Debian: Security Advisory (DLA-2608-1)
2021-03-26 00:00:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in Jquery
2021-10-16 01:10:33
Exploit for Cross-site Scripting in Jquery
2020-11-02 20:55:10
Exploit for Cross-site Scripting in Jquery
2020-04-14 19:12:01
fedora
fedora
[SECURITY] Fedora 32 Update: drupal8-8.9.0-1.fc32
2020-06-16 01:32:24
[SECURITY] Fedora 33 Update: drupal7-7.72-1.fc33
2020-09-25 17:15:48
[SECURITY] Fedora 32 Update: cacti-1.2.13-1.fc32
2020-07-23 01:06:59
atlassian
atlassian
Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023
2021-02-02 09:59:24
Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023
2021-02-02 09:59:24
Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023
2021-02-16 18:28:38
joomla
joomla
[20200604] - Core - XSS in jQuery.htmlPrefilter
2020-04-10 00:00:00
checkpoint_advisories
checkpoint_advisories
jQuery Cross Site Scripting (CVE-2020-11022; CVE-2020-11023)
2020-11-16 00:00:00
drupal
drupal
Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002
2020-05-20 00:00:00
redhat
redhat
(RHSA-2020:4211) Moderate: Red Hat AMQ Interconnect 1.9.0 release and security update
2020-10-08 06:44:00
(RHSA-2020:3807) Moderate: Red Hat Virtualization security, bug fix, and enhancement update
2020-09-23 15:54:23
(RHSA-2020:2217) Moderate: OpenShift Container Platform 3.11 security update
2020-05-28 11:08:25
typo3
typo3
Cross-Site Scripting in extension "Kitodo.Presentation" (dlf)
2020-07-29 00:00:00
gentoo
gentoo
Cacti: Multiple vulnerabilities
2020-07-26 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package phpipam version 1.42.027-alt1
2020-10-21 00:00:00
github
github
Persistent Cross-site Scripting vulnerability in PrivateBin
2022-04-12 20:45:22
Potential XSS vulnerability in jQuery
2020-04-29 22:19:14
Use of insecure jQuery version in OctoberCMS
2020-06-05 19:37:49
freebsd
freebsd
Cacti -- multiple vulnerabilities
2020-07-15 00:00:00
nodejs
nodejs
Cross-Site Scripting
2020-04-30 18:19:09
veracode
veracode
Cross-Site Scripting (XSS)
2020-04-30 01:59:55
Cross-Site Scripting (XSS)
2020-04-30 02:21:22
packetstorm
packetstorm
jQuery 1.2 Cross Site Scripting
2021-04-14 00:00:00
jQuery 1.0.3 Cross Site Scripting
2021-04-14 00:00:00
cvelist
cvelist
CVE-2020-11022 Potential XSS vulnerability in jQuery
2020-04-29 00:00:00
CVE-2020-11023 Potential XSS vulnerability in jQuery
2020-04-29 00:00:00
debiancve
debiancve
ubuntucve
ubuntucve
CVE-2020-11022
2020-04-29 00:00:00
CVE-2020-11023
2020-04-29 00:00:00
zdt
zdt
jQuery 1.2 - Cross-Site Scripting Vulnerability
2021-04-14 00:00:00
jQuery 1.0.3 - Cross-Site Scripting Vulnerability
2021-04-14 00:00:00
f5
f5
K02453220 : jQuery vulnerability CVE-2020-11022
2020-08-03 00:00:00
K66544153 : jQuery vulnerability CVE-2020-11023
2020-08-03 00:00:00
cve
cve
CVE-2020-11022
2020-04-29 22:15:00
CVE-2020-11023
2020-04-29 21:15:00
prion
prion
Code injection
2020-04-29 22:15:00
Code injection
2020-04-29 21:15:00
redhatcve
redhatcve
CVE-2020-11022
2020-04-29 23:09:52
CVE-2020-11023
2021-06-20 07:11:02
alpinelinux
alpinelinux
CVE-2020-11023
2020-04-29 21:15:00
CVE-2020-11022
2020-04-29 22:15:00
almalinux
almalinux
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
2021-05-18 06:14:07
ics
ics
Sensormatic Electronics VideoEdge
2021-11-02 12:00:00
amazon
amazon
Medium: ipa
2021-04-20 17:55:00
hackerone
hackerone
Reddit: CVE-2020-11022
2022-12-20 17:19:58
rocky
rocky
idm:DL1 and idm:client security, bug fix, and enhancement update
2021-05-18 06:14:07
adobe
adobe
APSB19-38 Security update available for Adobe Experience Manager
2019-07-09 00:00:00
exploitdb
exploitdb
jQuery 1.2 - Cross-Site Scripting (XSS)
2021-04-14 00:00:00
jQuery 1.0.3 - Cross-Site Scripting (XSS)
2021-04-14 00:00:00