| VID |
210188 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.
* References:
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
https://security.paloaltonetworks.com/PAN-SA-2020-0007
* Platforms Affected:
JQuery Prior to 3.5.0
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of JQuery (3.5.0 or later), available from the JQuery web site at https://jquery.com/download/ |
| Related URL |
CVE-2020-11022,CVE-2020-11023 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
