You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
mend-for-github-combot
changed the title
CVE-2015-9251 (Medium) detected in multiple libraries
CVE-2015-9251 (Low) detected in multiple libraries
Nov 21, 2022
mend-for-github-combot
changed the title
CVE-2015-9251 (Low) detected in multiple libraries
CVE-2015-9251 (Medium) detected in multiple libraries
Dec 29, 2022
CVE-2015-9251 - Medium Severity Vulnerability
jquery-2.2.4.min.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Path to vulnerable library: /orm/gorm/public/js/jquery-2.2.4.min.js
Dependency Hierarchy:
jquery-1.4.2.min.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.2/jquery.min.js
Path to vulnerable library: /facebook-oauth2/public/js/jquery-1.4.2.min.js,/twitter-oauth/public/js/jquery-1.4.2.min.js
Dependency Hierarchy:
jquery-1.3.2.min.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.3.2/jquery.min.js
Path to vulnerable library: /booking2/public/js/jquery-1.3.2.min.js,/booking/public/js/jquery-1.3.2.min.js
Dependency Hierarchy:
jquery-1.9.1.min.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.9.1/jquery.min.js
Path to vulnerable library: /upload/public/js/jquery-1.9.1.min.js
Dependency Hierarchy:
Found in HEAD commit: 8ba9b71f88d013f157aff1fafc35b1d5eef23af0
Found in base branch: master
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - 3.0.0
The text was updated successfully, but these errors were encountered: