CVE-2018-18405

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-18405
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-18405.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-18405
Published
2020-04-22T18:15:10.990Z
Modified
2026-04-10T04:08:43.019753Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be spam entry

References

Affected packages

Git / github.com/jquery/jquery

Affected ranges

Type
GIT
Repo
https://github.com/jquery/jquery
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
742610f10e071865fb56907027f9d62bc646562b
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.2.2"
        }
    ]
}

Affected versions

1.*
1.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0a
1.1
1.1.1
1.1.2
1.1.3
1.1.3.1
1.1.3a
1.1.4
1.1a
1.1b
1.2
1.2.1
1.2.2
1.2.2b
1.2.2b2
1.2.3a
1.2.3b
1.2.4
1.2.4a
1.2.4b
1.2.5
1.3.1rc1
1.3b1
1.3b2
1.3rc1
1.4.3rc1
1.4.3rc2
1.4.4rc1
1.4.4rc2
1.4.4rc3
1.4a1
1.4a2
1.4rc1
1.5.1rc1
1.5.2rc1
1.5b1
1.5rc1
1.6.1rc1
1.6.2rc1
1.6.3rc1
1.6.4rc1
1.6b1
1.6rc1
1.7.1rc1
1.7.2b1
1.7.2rc1
1.7b1
1.7b2
1.7rc1
1.8b1
1.8b2
1.8rc1
1.9.0b1
2.*
2.0.0-beta3
2.0.0b1
2.0.0b2
2.1.0-beta1
2.2.2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-18405.json"