CVE-2020-11022

Strings_Attached An online shop and lesson hub for guitarists Source code can be found here The live project can be viewed here Purpose of Project The aim of the project is to help users on their journey to musical proficency The website consists of a shop where instruments and accessories can be purchased, and subscriptions to music lesson videos can be signed up to Links

CVE Collection of jQuery XSS Payloads

CVE Sandbox :: jQuery CVE Collection of jQuery XSS Payloads Maintained by @therceman CVE Version Details CVE-2020-11023 >= 151 < 350 View on Snyk CVE-2020-11022 >= 151 < 350 View on Snyk CVE-2019-11358 >= 100 < 340 View on Snyk

Web application for Bagel Patch in Patchogue, NY

Bagel Patch Website Created & designed by Corey Schneider BS in Computer Science from the University of North Carolina at Charlotte Resume note - This is the first Ruby on Rails application I have created A live demo can be found at bagelpatchonrendercom/ A demo admin account can be logged into with the following credentials: bagelpatchonrenderc

Vulnearability Report of the New Jersey official site

https-njgov---CVE-2020-11022 Vulnearability Report of the New Jersey official site Potential XSS vulnerability in jQueryhtmlPrefilter and related methods Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (ie html(), append(), and others) may execute untrusted code RECOMMENDATION This problem is patched in j

A server for maintaining high-throughput sequencing QC data

AlmostSignificant WARNING This distribution includes a legacy version of jquery that is known to have vulnerabilities The original developers are not in a position to update the code to patch this so if you wish to use AlmostSignificant please apply and test the patch before running the code Dependency jquery Version >= 120 < 350 Upgrade to ~> 350

CVEcrystalyer CVE tool to help with getting CVE details needed for reporting Tool uses reitre-jshtml as input, it will parse all of the CVE-s and grab the details from NVD and print them in terminal for copy/paste /CVEcrystalyer -h -c NAME Single CVE | Multiple CVE-s separated with ',' -> -c CVE-XXX-XXXX,CV

Geolocation Playground

Geolocation Playground === A small test of geolaction APIs and a bit of map hacking Very old alpha quality playground just for fun Deprecated for now due to vulernable jquery GHSA ID: GHSA-gxr4-xjj5-5px2 CVE ID: CVE-2020-11022 GHSA-gxr4-xjj5-5px2 Impact Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery�

jQuery-XSS-poc

jQuery XSS jQuery with XSS, Testing and Secure Version 修复了参考版本中9521和11290无法弹窗的问题，11974新增一个payload，可以验证一些之前11974无法验证的jQuery，并新增3个新的XSSpayload 使用时只需要修改开头<script>标签里的src即可 Bug list: #9521 #11290 #11974 #CVE-2020-11022/CVE-2020-11023 Test version: tes

JS_Encoder Description This is a basic example of javascript, I aim to make a basic javascript encoder/decoder for various types (after learning) This will not be best pratices/clean or safe code (as I'm still learning js basics) Goals Add URL Encode/Decode Add obsfucation (simple, minify) Add methods to help with js payload creation ScreenShot & Video (Click to

Little thing put together quickly to demonstrate this CVE

CVE-2020-11022 CVE-2020-11023 In jQuery versions greater than or equal to 12 and before 350, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (ie html(), append(), and others) may execute untrusted code This problem is patched in jQuery 350 In jQuery versions greater than or equal to 103 and before

A simple place to learn XSS

XSSPlayground A simple place to learn XSS Made for myself to learn and to help others (please do use!) Disclaimer This is a works in progress and will change over time Learn what you can! Updates 15/03/2021 - Added new layout, reworked xss 1,2,3 Screenshots Setup Host php Download the indexphp file Add to your /var/www/html folder Tip: Make a new folder called 'xss

jQuery — New Wave JavaScript This fork back-ports reported security vulnerabilities on jQuery 224 XSS CVE-2020-11022 XSS CVE-2020-11023 Prototype Polution CVE-2019-5428 XSS CVE-2017-16012 Contribution Guides In the spirit of open source software development, jQuery always encourages community code contribution To help you get started and before you jump into writ

patches for SNYK-JS-JQUERY-565129, SNYK-JS-JQUERY-567880, CVE-2020-1102, CVE-2020-11023, includes the patches for SNYK-JS-JQUERY-174006, CVE-2019-11358, CVE-2019-5428

This repository contains the patches for CVE-2020-11022 and CVE-2020-11023 which affect all jQuery versions prior 350, including the patches from DanielRuf/snyk-js-jquery-174006 These patches were generated with diff -u original patched > patchfile Apply the patches You can apply the patches with patch, git apply, patch-package and composer-patches Please consult th

Vulnearability Report of the New Jersey official site

https-njgov---CVE-2020-11022 Vulnearability Report of the New Jersey official site Potential XSS vulnerability in jQueryhtmlPrefilter and related methods Passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (ie html(), append(), and others) may execute untrusted code RECOMMENDATION This problem is patched in j