CVE-2020-11022

Severity

Theme

CVE-2020-11022

medium

New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

ID	Name	Product	Family	Severity
152985	Tenable SecurityCenter < 5.19.0 Multiple XSS Vulnerabilities (TNS-2021-14)	Nessus	Misc.	medium
152772	Oracle Enterprise Manager Ops Center (Oct 2020 CPU)	Nessus	Misc.	critical
151985	Tenable.sc < 5.19.0 Multiple Vulnerabilities (TNS-2021-14) (deprecated)	Nessus	Misc.	high
150139	Tenable Log Correlation Engine (LCE) < 6.0.9 (TNS-2021-10)	Nessus	Misc.	medium
148980	Oracle Business Intelligence Publisher Multiple Vulnerabilities (Apr 2021 CPU)	Nessus	Misc.	critical
148918	Oracle Primavera Unifier (Apr 2021 CPU)	Nessus	CGI abuses	medium
148894	Oracle Database Server Multiple Vulnerabilities (Apr 2021 CPU)	Nessus	Databases	medium
148146	Debian DLA-2608-1 : jquery security update	Nessus	Debian Local Security Checks	medium
147729	Nessus Network Monitor < 5.13.0 Multiple Vulnerabilities (TNS-2021-02)	Nessus	Misc.	medium
147251	NewStart CGSL CORE 5.04 / MAIN 5.04 : ipa Multiple Vulnerabilities (NS-SA-2021-0045)	Nessus	NewStart CGSL Local Security Checks	medium
145989	CentOS 8 : pki-core:10.6 and pki-deps:10.6 (CESA-2020:4847)	Nessus	CentOS Local Security Checks	medium
145873	CentOS 8 : idm:DL1 and idm:client (CESA-2020:4670)	Nessus	CentOS Local Security Checks	medium
145244	Oracle WebCenter Sites (Jan 2021 CPU)	Nessus	Windows	medium
145224	Oracle Application Testing Suite (Jan 2021 CPU)	Nessus	Misc.	critical
144584	Tenable SecurityCenter < 5.17.0 Multiple Vulnerabilities (TNS-2020-11)	Nessus	Misc.	high
143080	RHEL 7 : ipa (RHSA-2020:3936)	Nessus	Red Hat Local Security Checks	medium
142840	openSUSE Security Update : otrs (openSUSE-2020-1888)	Nessus	SuSE Local Security Checks	medium
142435	RHEL 8 : idm:DL1 and idm:client (RHSA-2020:4670)	Nessus	Red Hat Local Security Checks	medium
142409	RHEL 8 : pki-core:10.6 and pki-deps:10.6 (RHSA-2020:4847)	Nessus	Red Hat Local Security Checks	medium
142146	Oracle JDeveloper XSS (October 2020 CPU)	Nessus	Misc.	medium
141974	Amazon Linux 2 : ipa-client (ALAS-2020-1519)	Nessus	Amazon Linux Local Security Checks	medium
141807	Oracle WebLogic Server Multiple Vulnerabilities (Oct 2020 CPU)	Nessus	Misc.	critical
141734	Scientific Linux Security Update : ipa on SL7.x x86_64 (20201001)	Nessus	Scientific Linux Local Security Checks	medium
141586	CentOS 7 : ipa (CESA-2020:3936)	Nessus	CentOS Local Security Checks	medium
140750	RHEL 8 : Red Hat Virtualization (RHSA-2020:3807)	Nessus	Red Hat Local Security Checks	high
140557	Fedora 31 : drupal7 (2020-fbb94073a1)	Nessus	Fedora Local Security Checks	high
140545	Fedora 32 : drupal7 (2020-0b32a59b54)	Nessus	Fedora Local Security Checks	high
140234	FreeBSD : Gitlab -- multiple vulnerabilities (1fb13175-ed52-11ea-8b93-001b217b3468)	Nessus	FreeBSD Local Security Checks	high
139112	FreeBSD : Cacti -- multiple vulnerabilities (cd2dc126-cfe4-11ea-9172-4c72b94353b5)	Nessus	FreeBSD Local Security Checks	high
138985	openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-1060)	Nessus	SuSE Local Security Checks	high
138926	GLSA-202007-03 : Cacti: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
138526	Oracle Primavera Gateway (Jul 2020 CPU)	Nessus	CGI abuses	critical
112485	Joomla! 2.5.x < 3.9.19 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	high
137423	Fedora 32 : drupal8 (2020-36d2db5f51)	Nessus	Fedora Local Security Checks	medium
137366	Joomla 2.5.x < 3.9.19 Multiple Vulnerabilities (5812-joomla-3-9-19)	Nessus	CGI abuses	high
112438	Drupal 7.x < 7.70 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
112437	Drupal 8.7.x < 8.7.14 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
112430	Drupal 8.8.x < 8.8.6 Multiple Vulnerabilities	Web Application Scanning	Component Vulnerability	medium
137104	Fedora 32 : drupal7 (2020-11be4b36d4)	Nessus	Fedora Local Security Checks	medium
137064	RHEL 7 / 8 : Red Hat OpenShift Service Mesh (RHSA-2020:2362)	Nessus	Red Hat Local Security Checks	medium
136976	RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2020:2217)	Nessus	Red Hat Local Security Checks	medium
136932	Debian DSA-4693-1 : drupal7 - security update	Nessus	Debian Local Security Checks	medium
136929	JQuery 1.2 < 3.5.0 Multiple XSS	Nessus	CGI abuses : XSS	medium
136745	Drupal 7.0.x < 7.70 / 7.0.x < 7.70 / 8.7.x < 8.7.14 / 8.8.x < 8.8.6 Multiple Vulnerabilities (drupal-2020-05-20)	Nessus	CGI abuses	medium
112383	jQuery 1.2.0 < 3.5.0 Cross-Site Scripting	Web Application Scanning	Component Vulnerability	medium

CVE-2020-11022

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Configuration 5

Configuration 6

Configuration 7

Configuration 8

Configuration 9

Configuration 10

Configuration 11

Configuration 12

Configuration 13

Configuration 14

Configuration 15

Tenable Plugins

medium

critical

high

medium

critical

medium

medium

medium

medium

medium

medium

medium

medium

critical

high

medium

medium

medium

medium

medium

medium

critical

medium

medium

high

high

high

high

high

high

high

critical

high

medium

high

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium