Vulnerabilities (CVE)

Vendor filter

Jquery Subscribe

Product filter

Jquery Subscribe

Filter

7 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-11358 3 Drupal, Jquery, Debian 3 Drupal, Jquery, Debian Linux 2019-06-12 4.3
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend...
CVE-2015-9251 2 Jquery, Oracle 40 Jquery, Agile Product Lifecycle Management For Process, Banking Platform and 37 more 2019-06-10 4.3
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CVE-2012-6708 1 Jquery 1 Jquery 2019-06-10 4.3
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by...
CVE-2011-4969 1 Jquery 1 Jquery 2019-04-16 4.3
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
CVE-2007-2379 1 Jquery 1 Jquery 2019-04-16 5.0
The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a...
CVE-2014-6071 1 Jquery 1 Jquery 2018-11-30 4.3
jQuery 1.4.2 allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to use of the text method inside after.
CVE-2016-10707 1 Jquery 1 Jquery 2018-02-02 5.0
jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit.