CVE-2012-6708

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.

References

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html

http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html

http://packetstormsecurity.com/files/161972/Linksys-EA7500-2.0.8.194281-Cross-Site-Scripting.html

http://www.securityfocus.com/bid/102792

https://bugs.jquery.com/ticket/11290

https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d

https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.drill.apache.org%3E

https://snyk.io/vuln/npm:jquery:20120206

Details

Source: MITRE

Published: 2018-01-18

Updated: 2021-03-25

Type: CWE-79

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*

Tenable Plugins

View all (8 total)

IDNameProductFamilySeverity
140096Amazon Linux AMI : ruby24 (ALAS-2020-1422)NessusAmazon Linux Local Security Checks
high
135161openSUSE Security Update : ruby2.5 (openSUSE-2020-395)NessusSuSE Local Security Checks
medium
135011JQuery < 1.9.0 XSSNessusCGI abuses : XSS
medium
134824SUSE SLED15 / SLES15 Security Update : Recommended update for ruby2.5 (SUSE-SU-2020:0737-1)NessusSuSE Local Security Checks
medium
128404FreeBSD : RDoc -- multiple jQuery vulnerabilities (ed8d5535-ca78-11e9-980b-999ff59c22ea)NessusFreeBSD Local Security Checks
medium
125483F5 Networks BIG-IP : jQuery vulnerability (K62532311)NessusF5 Networks Local Security Checks
medium
124565IBM BigFix Platform 9.5.x < 9.5.12 Multiple VulnerabilitiesNessusWeb Servers
critical
112432jQuery 1.7.1 < 1.9.0 Cross-Site ScriptingWeb Application ScanningComponent Vulnerability
medium