2020-04-29 23:15:00 2021-07-21 01:15:00

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE
Netapp Snapcenter server - * * * (not an official CPE) Netapp Snap creator framework - * * * (not an official CPE) Netapp Oncommand system manager * * * * (not an official CPE) Netapp Oncommand insight - * * * (not an official CPE) Oracle Siebel mobile * * * * (not an official CPE) Netapp Max data - * * * (not an official CPE) Oracle Storagetek tape analytics sw tool 2.3.1 * * * (not an official CPE) Oracle Rest data services 19c * * * (not an official CPE) Oracle Rest data services 18c * * * (not an official CPE) Oracle Weblogic server 14.1.1.0.0 * * * (not an official CPE) Oracle Webcenter sites 12.2.1.4.0 * * * (not an official CPE) Oracle Weblogic server 12.2.1.4.0 * * * (not an official CPE) Oracle Webcenter sites 12.2.1.3.0 * * * (not an official CPE) Oracle Weblogic server 12.2.1.3.0 * * * (not an official CPE) Oracle Weblogic server 12.1.3.0.0 * * * (not an official CPE) Oracle Healthcare translational research 3.2.1 * * * (not an official CPE) Oracle Healthcare translational research 3.4.0 * * * (not an official CPE) Oracle Healthcare translational research 3.3.2 * * * (not an official CPE) Oracle Jd edwards enterpriseone orchestrator * * * * (not an official CPE) Oracle Primavera gateway * * * * (not an official CPE) Oracle Primavera gateway * * * * (not an official CPE) Oracle Healthcare translational research 3.3.1 * * * (not an official CPE) Oracle Jd edwards enterpriseone tools * * * * (not an official CPE) Oracle Financial services regulatory reporting for de nederlandsche bank 8.0.4 * * * (not an official CPE) Oracle Peoplesoft enterprise human capital management resources 9.2 * * * (not an official CPE) Oracle Primavera gateway * * * * (not an official CPE) Oracle Primavera gateway * * * * (not an official CPE) Oracle Communications session route manager 8.2.1 * * * (not an official CPE) Oracle Communications session route manager 8.1.1 * * * (not an official CPE) Oracle Communications session route manager 8.2.0 * * * (not an official CPE) Oracle Communications session report manager 8.2.0 * * * (not an official CPE) Oracle Communications session report manager 8.2.1 * * * (not an official CPE) Oracle Communications session report manager 8.1.1 * * * (not an official CPE) Oracle Rest data services 11.2.0.4 * * * (not an official CPE) Oracle Rest data services 12.1.0.2 * * * (not an official CPE) Oracle Rest data services 12.2.0.1 * * * (not an official CPE) Oracle Hyperion financial reporting 11.1.2.4 * * * (not an official CPE) Oracle Communications operations monitor * * * * (not an official CPE) Oracle Communications interactive session recorder * * * * (not an official CPE) Oracle Communications operations monitor 3.4 * * * (not an official CPE) Oracle Communications element manager 8.2.1 * * * (not an official CPE) Oracle Communications element manager 8.2.0 * * * (not an official CPE) Oracle Communications element manager 8.1.1 * * * (not an official CPE) Oracle Communications analytics 12.1.1 * * * (not an official CPE) Oracle Banking platform * * * * (not an official CPE) Oracle Banking enterprise collections * * * * (not an official CPE) Oracle Application testing suite 13.3.0.1 * * * (not an official CPE) Oracle Application express * * * * (not an official CPE) Drupal Drupal * * * * (not an official CPE) Drupal Drupal * * * * (not an official CPE) Drupal Drupal * * * * (not an official CPE) Jquery Jquery * * * * (not an official CPE)
Advisory Patch Confirmed Link
https://lists.apache.org/thread.html/r564585d97bc069137e...
https://lists.apache.org/thread.html/rf0f8939596081d84be...
https://www.tenable.com/security/tns-2021-10
https://lists.apache.org/thread.html/ra32c7103ded9041c7c...
https://lists.fedoraproject.org/archives/list/package-an...
https://lists.fedoraproject.org/archives/list/package-an...
https://lists.apache.org/thread.html/rede9cfaa756e050a3d...
https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e...
http://packetstormsecurity.com/files/162160/jQuery-1.0.3...
https://www.tenable.com/security/tns-2021-02
https://lists.debian.org/debian-lts-announce/2021/03/msg...
https://lists.apache.org/thread.html/r8f70b0f65d6bedf316...
https://www.oracle.com/security-alerts/cpujan2021.html
https://lists.apache.org/thread.html/r55f5e066cc7301e363...
https://lists.apache.org/thread.html/r4dba67be3239b34861...
https://lists.apache.org/thread.html/r9e0bd31b7da9e74034...
https://security.netapp.com/advisory/ntap-20200511-0006/
https://lists.apache.org/thread.html/r6e97b37963926f6059...
https://lists.apache.org/thread.html/rb69b7d8217c1a6a210...
https://lists.fedoraproject.org/archives/list/package-an...
https://lists.apache.org/thread.html/r49ce4243b4738dd763...
https://lists.apache.org/thread.html/r3702ede0ff83a29ba3...
https://lists.apache.org/thread.html/r2c85121a47442036c7...
https://lists.apache.org/thread.html/r706cfbc098420f7113...
https://lists.apache.org/thread.html/rda99599896c3667f2c...
https://lists.apache.org/thread.html/rab82dd040f302018c8...
https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8...
https://lists.apache.org/thread.html/r6c4df3b33e625a4447...
https://www.oracle.com/security-alerts/cpuoct2020.html
https://lists.apache.org/thread.html/r1fed19c860a0d470f2...
https://lists.apache.org/thread.html/r0593393ca1e97b1e7e...
https://lists.apache.org/thread.html/r4aadb98086ca72ed75...
https://lists.apache.org/thread.html/r094f435595582f6b5b...
https://lists.apache.org/thread.html/rf1ba79e564fe7efc56...
https://lists.apache.org/thread.html/rb25c3bc7418ae75cba...
https://lists.apache.org/thread.html/r9c5fda81e4bca8daee...
https://lists.apache.org/thread.html/rf661a90a15da8da592...
https://lists.apache.org/thread.html/radcb2aa874a7964778...
https://lists.apache.org/thread.html/rd38b4185a797b324c8...
https://lists.apache.org/thread.html/r9006ad2abf81d02a0e...
https://lists.apache.org/thread.html/ra374bb0299b4aa3e04...
https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71c...
http://lists.opensuse.org/opensuse-security-announce/202...
https://security.gentoo.org/glsa/202007-03
https://lists.apache.org/thread.html/r54565a8f025c7c4f30...
https://lists.apache.org/thread.html/ra3c9219fcb0b289e18...
http://lists.opensuse.org/opensuse-security-announce/202...
https://lists.apache.org/thread.html/r07ab379471fb15644b...
http://lists.opensuse.org/opensuse-security-announce/202...
https://lists.apache.org/thread.html/rbb448222ba62c430e2...
https://www.oracle.com/security-alerts/cpujul2020.html
https://lists.fedoraproject.org/archives/list/package-an...
https://www.debian.org/security/2020/dsa-4693
https://www.drupal.org/sa-core-2020-002
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
https://github.com/jquery/jquery/security/advisories/GHS...
https://jquery.com/upgrade-guide/3.5/
https://www.oracle.com/security-alerts/cpuApr2021.html