Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jquery jquery vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-2582
A prototype pollution vulnerability exists in Strikingly CMS which can result in reflected cross-site scripting (XSS) in affected applications and sites built with Strikingly. The vulnerability exists because of Strikingly JavaScript library parsing the URL fragment allows access...
Strikingly Strikingly
6.1
CVSSv3
CVE-2023-1275
A vulnerability classified as problematic was found in SourceCodester Phone Shop Sales Managements System 1.0. This vulnerability affects unknown code of the file /osms/assets/plugins/jquery-validation-1.11.1/demo/captcha/index.php of the component CAPTCHA Handler. The manipulati...
Phone Shop Sales Managements System Project Phone Shop Sales Managements System 1.0
6.1
CVSSv3
CVE-2021-36713
Cross Site Scripting (XSS) vulnerability in the DataTables plug-in 1.9.2 for jQuery allows malicious users to run arbitrary code via the sBaseName parameter to function _fnCreateCookie. NOTE: 1.9.2 is a version from 2012.
Sprymedia Datatables 1.9.2
6.1
CVSSv3
CVE-2021-32860
iziModal is a modal plugin with jQuery. Versions before 1.6.1 are vulnerable to cross-site scripting (XSS) when handling untrusted modal titles. An attacker who is able to influence the field `title` when creating a `iziModal` instance is able to supply arbitrary `html` or `javas...
Izimodal Project Izimodal
6.1
CVSSv3
CVE-2021-32850
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6.
Jquery-minicolors Project Jquery-minicolors
6.1
CVSSv3
CVE-2022-31160
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions before 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent lab...
Jqueryui Jquery Ui
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Netapp Oncommand Insight -
Drupal Jquery Ui Checkboxradio 8.x-1.2
Drupal Jquery Ui Checkboxradio 8.x-1.1
Drupal Jquery Ui Checkboxradio 8.x-1.0
Drupal Jquery Ui Checkboxradio 8.x-1.3
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
1 Github repository
6.1
CVSSv3
CVE-2022-30241
The jquery.json-viewer library up to and including 1.4.0 for Node.js does not properly escape characters such as < in a JSON object, as demonstrated by a SCRIPT element.
Jquery Json-viewer Project Jquery Json-viewer
6.1
CVSSv3
CVE-2021-43956
The jQuery deserialize library in Fisheye and Crucible before version 4.8.9 allowed remote malicious users to to inject arbitrary HTML and/or JavaScript via a prototype pollution vulnerability.
Atlassian Crucible
Atlassian Fisheye
6.1
CVSSv3
CVE-2022-23395
jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead to DOM cross-site scripting (XSS).
Jquery.cookie Project Jquery.cookie 1.4.1
6.1
CVSSv3
CVE-2021-37504
A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows malicious users to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name.
Hayageek Jquery Upload File 4.0.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »