Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jquery jquery vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2011-4969
Cross-site scripting (XSS) vulnerability in jQuery prior to 1.6.3, when using location.hash to select elements, allows remote malicious users to inject arbitrary web script or HTML via a crafted tag.
Jquery Jquery 1.6
Jquery Jquery 1.6.1
Jquery Jquery
1 Github repository
383
VMScore
CVE-2017-15719
In Wicket jQuery UI 6.28.0 and previous versions, 7.9.1 and previous versions, and 8.0.0-M8 and previous versions, a security issue has been discovered in the WYSIWYG editor that allows an malicious user to submit arbitrary JS code to WYSIWYG editor.
Wicket-jquery-ui Project Wicket-jquery-ui
Wicket-jquery-ui Project Wicket-jquery-ui 7.0.0
Wicket-jquery-ui Project Wicket-jquery-ui 7.2.0
Wicket-jquery-ui Project Wicket-jquery-ui 7.3.0
Wicket-jquery-ui Project Wicket-jquery-ui 7.9.0
Wicket-jquery-ui Project Wicket-jquery-ui 8.0.0
Wicket-jquery-ui Project Wicket-jquery-ui 7.0.1
Wicket-jquery-ui Project Wicket-jquery-ui 7.0.2
Wicket-jquery-ui Project Wicket-jquery-ui 7.1.0
Wicket-jquery-ui Project Wicket-jquery-ui 7.4.0
Wicket-jquery-ui Project Wicket-jquery-ui 7.5.0
Wicket-jquery-ui Project Wicket-jquery-ui 7.6.0
Wicket-jquery-ui Project Wicket-jquery-ui 7.7.0
Wicket-jquery-ui Project Wicket-jquery-ui 7.2.1
Wicket-jquery-ui Project Wicket-jquery-ui 7.3.1
Wicket-jquery-ui Project Wicket-jquery-ui 7.8.0
Wicket-jquery-ui Project Wicket-jquery-ui 7.9.1
383
VMScore
CVE-2018-1325
In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display.
Wicket-jquery-ui Project Wicket-jquery-ui 7.0.0
Wicket-jquery-ui Project Wicket-jquery-ui 8.0.0
Wicket-jquery-ui Project Wicket-jquery-ui
383
VMScore
CVE-2012-6708
jQuery prior to 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' char...
Jquery Jquery
1 Github repository
383
VMScore
CVE-2014-6071
jQuery 1.4.2 allows remote malicious users to conduct cross-site scripting (XSS) attacks via vectors related to use of the text method inside after.
Jquery Jquery 1.4.2
446
VMScore
CVE-2016-10707
jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit.
Jquery Jquery 3.0.0
2 Github repositories
383
VMScore
CVE-2018-18405
jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be spam entry
Jquery Jquery 2.2.2
445
VMScore
CVE-2007-2379
The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote malicious users to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures t...
Jquery Jquery -
Netapp Snapcenter -
NA
CVE-2021-32850
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6.
Jquery-minicolors Project Jquery-minicolors
605
VMScore
CVE-2015-2089
Multiple cross-site request forgery (CSRF) vulnerabilities in the CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin 2.0.5 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) change plugin settings or cond...
Crossslide Jquery Project Crossslide Jquery 2.0.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »