Affected versions of jquery
are vulnerable to cross-site scripting. This occurs because the main jquery
function uses a regular expression to differentiate between HTML and selectors, but does not properly anchor the regular expression. The result is that jquery
may interpret HTML as selectors when given certain inputs, allowing for client side code execution.
$("#log").html(
$("element[attribute='<img src=\"x\" onerror=\"alert(1)\" />']").html()
);
Update to version 1.9.0 or later.
{ "nvd_published_at": "2018-01-18T23:29:00Z", "cwe_ids": [ "CWE-64", "CWE-79" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2020-08-31T18:19:31Z" }