CVE-2010-5312

Опубликовано: 24 нояб. 2014

Источник: debian

Описание

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

Пакеты

Пакет	Статус	Версия исправления	Тип
drupal7	removed		package
jqueryui	fixed	1.10.1+dfsg-1	package
owncloud	not-affected		package

Примечания

http://bugs.jqueryui.com/ticket/6016
https://github.com/jquery/jquery-ui/commit/7e9060c109b928769a664dbcc2c17bd21231b6f3
https://www.drupal.org/sa-core-2022-002

Связанные уязвимости

CVE-2010-5312

CVSS3: 6.1

ubuntu

больше 10 лет назад

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

CVE-2010-5312

redhat

почти 15 лет назад

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

CVE-2010-5312

CVSS3: 6.1

nvd

больше 10 лет назад

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

GHSA-wcm2-9c89-wmfm

CVSS3: 6.1

github

почти 8 лет назад

Cross-site Scripting in jquery-ui

ELSA-2015-1462

oracle-oval

около 10 лет назад

ELSA-2015-1462: ipa security and bug fix update (MODERATE)