the jquery foundation

Top products

The 10 most recently published vulnerabilities affecting the jquery foundation.

• CVE-2024-30875Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the window.a...7.1Oct 17, 2024
• CVE-2021-41184XSS in the `of` option of the `.position()` util6.5Oct 26, 2021
• CVE-2020-7656jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script...6.1May 19, 2020
• CVE-2020-11023Potential XSS vulnerability in jQueryKEV6.9Apr 29, 2020
• CVE-2020-11022jQuery has a potential XSS vulnerability6.9Apr 29, 2020
• CVE-2019-11358jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an...6.1Apr 19, 2019
• CVE-2015-9251jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.6.1Jan 18, 2018
• CVE-2012-6708jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQue...6.1Jan 18, 2018
• CVE-2016-7103Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.6.1Mar 15, 2017
• CVE-2011-4969Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.4.3Mar 8, 2013