|
|
Log in / Subscribe / Register

jquery: cross-site scripting

Package(s):jquery CVE #(s):CVE-2011-4969
Created:February 14, 2013 Updated:March 13, 2013
Description:

From the Ubuntu advisory:

It was discovered that jQuery incorrectly handled selecting elements using location.hash, resulting in a possible cross-site scripting (XSS) issue. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

Alerts:
Fedora FEDORA-2013-1286 python-tw2-jquery 2013-03-08
Fedora FEDORA-2013-1277 python-tw2-jquery 2013-03-08
Ubuntu USN-1722-1 jquery 2013-02-13
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds