Vulnerabilities > Jquery

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-26	CVE-2020-23064	Cross-site Scripting vulnerability in multiple products Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element. network low complexity jquery netapp CWE-79	6.1
2020-05-19	CVE-2020-7656	Cross-site Scripting vulnerability in multiple products jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. network low complexity jquery oracle netapp juniper CWE-79	6.1
2020-04-29	CVE-2020-11022	Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. network low complexity jquery drupal debian fedoraproject oracle netapp opensuse tenable CWE-79	6.1
2020-04-29	CVE-2020-11023	Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. network low complexity jquery debian fedoraproject drupal oracle netapp tenable CWE-79	6.1
2020-04-22	CVE-2018-18405	Cross-site Scripting vulnerability in Jquery 2.2.2 jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. network low complexity jquery CWE-79	6.1
2019-04-20	CVE-2019-11358	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. network low complexity jquery debian drupal backdropcms fedoraproject opensuse netapp redhat oracle joomla juniper	6.1
2018-01-18	CVE-2016-10707	Uncontrolled Recursion vulnerability in Jquery 3.0.0 jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. network low complexity jquery CWE-674	7.5
2018-01-18	CVE-2015-9251	Cross-site Scripting vulnerability in multiple products jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. network low complexity jquery oracle CWE-79	6.1
2018-01-18	CVE-2012-6708	Cross-site Scripting vulnerability in Jquery jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. network low complexity jquery CWE-79	6.1
2018-01-16	CVE-2014-6071	Cross-site Scripting vulnerability in Jquery 1.4.2 jQuery 1.4.2 allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to use of the text method inside after. network jquery CWE-79	4.3

Vulnerabilities > Jquery {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jquery"}]}

Vulnerabilities > Jquery