You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Path to dependency file: /vendor/alquran/api-client/docs/graphs/class.html
Path to vulnerable library: /vendor/alquran/api-client/docs/graphs/../js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/namespaces/../js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/files/../js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/classes/../js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/reports/../js/jquery-1.11.0.min.js
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
mend-bolt-for-githubbot
changed the title
CVE-2015-9251 (Medium) detected in multiple libraries
CVE-2015-9251 (Medium) detected in jquery-1.11.0.min.js
Jun 13, 2022
mend-bolt-for-githubbot
changed the title
CVE-2015-9251 (Medium) detected in jquery-1.11.0.min.js
CVE-2015-9251 (Medium) detected in alquran/api-client-v1.3, jquery-1.11.0.min.js
Jul 15, 2022
CVE-2015-9251 - Medium Severity Vulnerability
alquran/api-client-v1.3
AlQuran.cloud REST API Client
Library home page: https://api.github.com/repos/islamic-network/alquran-api-client-php/zipball/1708cbd02adac0b3f39b4fbbeb78b90c5b45807a
Dependency Hierarchy:
jquery-1.11.0.min.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.0/jquery.min.js
Path to dependency file: /vendor/alquran/api-client/docs/graphs/class.html
Path to vulnerable library: /vendor/alquran/api-client/docs/graphs/../js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/namespaces/../js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/files/../js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/classes/../js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/js/jquery-1.11.0.min.js,/vendor/alquran/api-client/docs/reports/../js/jquery-1.11.0.min.js
Dependency Hierarchy:
Found in HEAD commit: 8c4d4ea25197c8d39b5b50edef9ea6842b0fc7a6
Found in base branch: master
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - v3.0.0
Step up your Open Source Security Game with Mend here
The text was updated successfully, but these errors were encountered: