Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jquery jquery vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-37504
A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows malicious users to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name.
Hayageek Jquery Upload File 4.0.11
9.8
CVSSv3
CVE-2018-9208
Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta
Tuyoshi Jquery Picture Cut 1.1
1 Github repository
5.4
CVSSv3
CVE-2023-0171
The jQuery T(-) Countdown Widget WordPress plugin prior to 2.3.24 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored C...
Twinpictures Jquery T(-) Countdown Widget
6.1
CVSSv3
CVE-2015-7943
Open redirect vulnerability in the Overlay module in Drupal 7.x prior to 7.41, the jQuery Update module 7.x-2.x prior to 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x prior to 7.x-1.8 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing a...
Drupal Drupal 7.0
Drupal Drupal 7.39
Drupal Drupal 7.40
Drupal Drupal 7.16
Drupal Drupal 7.21
Drupal Drupal 7.18
Drupal Drupal 7.15
Drupal Drupal 7.38
Drupal Drupal 7.3
Drupal Drupal 7.17
Drupal Drupal 7.8
Drupal Drupal 7.13
Drupal Drupal 7.35
Drupal Drupal 7.20
Drupal Drupal 7.5
Drupal Drupal 7.10
Drupal Drupal 7.30
Drupal Drupal 7.27
Drupal Drupal 7.6
Drupal Drupal 7.12
Drupal Drupal 7.34
Drupal Drupal 7.9
NA
CVE-2013-4383
Cross-site scripting (XSS) vulnerability in the jQuery Countdown module 7.x-1.x prior to 7.x-1.1 for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web script or HTML via unspecified vectors.
Dennis Bruecke Jquery Countdown 7.x-1.0
6.1
CVSSv3
CVE-2020-7656
jquery before 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be...
Jquery Jquery
Oracle Peoplesoft Enterprise Peopletools 8.58
Netapp Snap Creator Framework -
Netapp Cloud Backup -
Netapp Oncommand System Manager
Netapp Active Iq Unified Manager -
Juniper Junos 21.2
3 Github repositories
6.1
CVSSv3
CVE-2010-5312
Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI prior to 1.10.0 allows remote malicious users to inject arbitrary web script or HTML via the title option.
Debian Debian Linux 7.0
Jqueryui Jquery Ui
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Snapcenter -
Apache Drill 1.16.0
Drupal Drupal
Debian Debian Linux 9.0
1 Github repository
NA
CVE-2012-6662
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI prior to 1.10.0 allows remote malicious users to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the aut...
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Jqueryui Jquery Ui 1.10.0
NA
CVE-2021-4243
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-32850. Reason: This candidate is a duplicate of CVE-2021-32850. Notes: All CVE users should reference CVE-2021-32850 instead of this candidate. All references and descriptions in this candidate have been remo...
NA
CVE-2020-28488
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »