CVE-2018-18405
https://notcve.org/view.php?id=CVE-2018-18405
jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be spam entry ** EN DISPUTA ** jQuery v2.2.2 permite XSS a través de un atributo de error diseñado de un elemento IMG. NOTA: se ha informado que esta vulnerabilidad es una entrada de spam. • https://gist.github.com/CyberSecurityUP/26c5b032897630fe8407da4a8ef216d4 https://gitter.im/jquery/jquery?at=5ea844a05cd4fe50a3d7ddc9 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W https://twitter.com/DanielRufde/status/1255185961866145792 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-11358 – jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
https://notcve.org/view.php?id=CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminación de Object.prototype. Si un objeto fuente no sanitizado contenía una propiedad enumerable __proto__, podría extender el Object.prototype nativo. A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. • https://github.com/isacaya/CVE-2019-11358 https://github.com/ossf-cve-benchmark/CVE-2019-11358 https://github.com/Snorlyd/https-nj.gov---CVE-2019-11358 http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html http://packetstormsecurity.c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVE-2018-9206 – Tajer <= 1.0.5 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0 Vulnerabilidad de subida de archivos arbitrarios sin autenticar en Blueimp jQuery-File-Upload en versiones iguales o anteriores a la v9.22.0. The Tajer for WordPress is vulnerable to arbitrary file uploads due to inclusion of a vulnerable version of the Blueimp jQuery-File-Upload library in versions up to, and including, 1.0.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible. Blueimp jQuery File Upload versions 9.22.0 and below suffer from a remote file upload vulnerability. • https://www.exploit-db.com/exploits/45790 https://www.exploit-db.com/exploits/46182 https://www.exploit-db.com/exploits/45584 https://github.com/Den1al/CVE-2018-9206 https://github.com/mi-hood/CVE-2018-9206 http://www.securityfocus.com/bid/105679 http://www.securityfocus.com/bid/106629 http://www.vapidlabs.com/advisory.php?v=204 https://wpvulndb.com/vulnerabilities/9136 https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://github.com/blue • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2017-16045
https://notcve.org/view.php?id=CVE-2017-16045
`jquery.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. "jquery.js" era un módulo malicioso publicado para secuestrar variables de entorno. Ha sido retirado por npm. • https://nodesecurity.io/advisories/496 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-506: Embedded Malicious Code •
CVE-2018-1325
https://notcve.org/view.php?id=CVE-2018-1325
In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display. En Apache wicket-jquery-ui, en versiones iguales o anteriores a la 6.29.0, 7.10.1 o 8.0.0-M9.1, el código creado en el editor WYSIWYG se ejecutará en pantalla. • https://markmail.org/message/6bxjyaolehhq7jrl • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •