You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
CVE-2011-4969 - Medium Severity Vulnerability
Vulnerable Library - jquery.1.4.4.nupkg
jQuery is a fast and concise JavaScript Library that simplifies HTML document traversing, event hand...
Library home page: https://api.nuget.org/packages/jquery.1.4.4.nupkg
Path to dependency file: /tmp/ws-scm/SameId/packages/jQuery.UI.Combined.1.8.24/jQuery.UI.Combined.1.8.24.nuspec
Path to vulnerable library: /SameId/packages/jQuery.UI.Combined.1.8.24/jQuery.UI.Combined.1.8.24.nuspec
Dependency Hierarchy:
Found in HEAD commit: 5b65ad8ceb8055e53cc0513997488402273cf64a
Vulnerability Details
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
Publish Date: 2013-03-08
URL: CVE-2011-4969
CVSS 2 Score Details (4.3)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2011-4969
Release Date: 2013-03-08
Fix Resolution: 1.6.3
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: