CVE-2010-5312

Опубликовано: 24 нояб. 2014

Источник: debian

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

Пакеты

Пакет	Статус	Версия исправления	Тип
drupal7	removed		package
jqueryui	fixed	1.10.1+dfsg-1	package
owncloud	not-affected		package

Примечания

http://bugs.jqueryui.com/ticket/6016
https://github.com/jquery/jquery-ui/commit/7e9060c109b928769a664dbcc2c17bd21231b6f3
https://www.drupal.org/sa-core-2022-002

EPSS

Процентиль: 89%

0.04431

Низкий

Связанные уязвимости

CVE-2010-5312

CVSS3: 6.1

ubuntu

почти 11 лет назад

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

CVE-2010-5312

redhat

около 15 лет назад

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

CVE-2010-5312

CVSS3: 6.1

nvd

почти 11 лет назад

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

GHSA-wcm2-9c89-wmfm

CVSS3: 6.1

github

около 8 лет назад

Cross-site Scripting in jquery-ui

ELSA-2015-1462

oracle-oval

больше 10 лет назад

ELSA-2015-1462: ipa security and bug fix update (MODERATE)

EPSS

Процентиль: 89%

0.04431

Низкий