Search CVE reports
21 – 24 of 24 results
CVE-2012-6662
Medium priorityCross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title...
1 affected package
jqueryui
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jqueryui | — | — | — | — | — |
CVE-2010-5312
Medium priorityCross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.
1 affected package
jqueryui
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jqueryui | — | — | — | — | Not affected |
CVE-2013-1942
Medium priorityMultiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allow remote attackers...
2 affected packages
jquery-jplayer, owncloud
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jquery-jplayer | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
| owncloud | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2011-4969
Medium priorityCross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
1 affected package
jquery
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| jquery | — | — | — | — | — |