Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Jquery
(Jquery)Repositories | https://github.com/jquery/jquery |
#Vulnerabilities | 12 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-05-19 | CVE-2020-7656 | jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed. | Jquery, Junos, Active_iq_unified_manager, Cloud_backup, Oncommand_system_manager, Snap_creator_framework, Peoplesoft_enterprise_peopletools | 6.1 | ||
2018-01-16 | CVE-2014-6071 | jQuery 1.4.2 allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to use of the text method inside after. | Jquery | 6.1 |