-
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2015-9251 (Medium) detected in jquery-1.9.1.js, jquery-1.8.1.min.js #2015
Comments
ℹ️ This issue was automatically closed by WhiteSource because it is a duplicate of an existing issue: #2028 |
1 similar comment
ℹ️ This issue was automatically closed by WhiteSource because it is a duplicate of an existing issue: #2028 |
This issue is potentially a duplicate of one of the following issues:
|
Sorry, friend. As far as this ol' bot can tell, your issue does not properly use one of this repo's available issue templates. Please try again, if you like. (And if I'm confused, please let us know. 😬)
|
👋 Thanks for reporting! |
Thank you for your report, the issue you have reported has just been fixed.
|
ℹ️ This issue was automatically re-opened by WhiteSource because the vulnerable library in the specific branch(es) has been detected in the WhiteSource inventory. |
This issue is potentially a duplicate of one of the following issues:
|
This issue is potentially a duplicate of one of the following issues:
|
This issue is potentially a duplicate of one of the following issues:
|
This issue is potentially a duplicate of one of the following issues:
|
1 similar comment
This issue is potentially a duplicate of one of the following issues:
|
CVE-2015-9251 - Medium Severity Vulnerability
Vulnerable Libraries - jquery-1.9.1.js, jquery-1.8.1.min.js
jquery-1.9.1.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.js
Path to dependency file: typescript-tools/node_modules/tinygradient/bower_components/tinycolor/index.html
Path to vulnerable library: /node_modules/tinygradient/bower_components/tinycolor/demo/jquery-1.9.1.js
Dependency Hierarchy:
jquery-1.8.1.min.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.1/jquery.min.js
Path to dependency file: typescript-tools/node_modules/redeyed/examples/browser/index.html
Path to vulnerable library: /node_modules/redeyed/examples/browser/index.html
Dependency Hierarchy:
Found in HEAD commit: 94a055e45bd6419b98a3f6c030632bac663aa978
Vulnerability Details
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
CVSS 3 Score Details (6.1)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - v3.0.0
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: