CVE-2020-11023

MEDIUM

Description

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Details

Source: MITRE

Published: 2020-04-29

Updated: 2021-05-05

Type: CWE-79

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 6.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Impact Score: 2.7

Exploitability Score: 2.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from 2.7.0 to 2.8.0 (inclusive)

cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from 2.4.0 to 2.10.0 (inclusive)

cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from 6.1 to 6.4 (inclusive)

cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from 4.1 to 4.3 (inclusive)

cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*

cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from 16.2 to 16.2.11 (inclusive)

cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from 17.12.0 to 17.12.7 (inclusive)

cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from 18.8.0 to 18.8.9 (inclusive)

cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from 19.12.0 to 19.12.4 (inclusive)

cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*

cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*

cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*

cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*

cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*

cpe:2.3:a:oracle:siebel_mobile:*:*:*:*:*:*:*:* versions up to 20.12 (inclusive)

cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*

Configuration 6

AND

OR

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 8

AND

OR

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 9

AND

OR

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 10

AND

OR

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 11

AND

OR

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 12

AND

OR

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 13

AND

OR

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 14

OR

cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from 3.0 to 3.1.3 (inclusive)

cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:*

Tenable Plugins

ID | Name | Product | Family | Severity
148921 | Amazon Linux 2 : ipa (ALAS-2021-1626) | Nessus | Amazon Linux Local Security Checks | medium
148918 | Oracle Primavera Unifier (Apr 2021 CPU) | Nessus | CGI abuses | medium
148894 | Oracle Database Server Multiple Vulnerabilities (Apr 2021 CPU) | Nessus | Databases | medium
148146 | Debian DLA-2608-1 : jquery security update | Nessus | Debian Local Security Checks | medium
147888 | Oracle Linux 7 : ipa (ELSA-2021-0860) | Nessus | Oracle Linux Local Security Checks | medium
147836 | RHEL 7 : ipa (RHSA-2021:0860) | Nessus | Red Hat Local Security Checks | medium
147729 | Nessus Network Monitor < 5.13.0 Multiple Vulnerabilities (TNS-2021-02) | Nessus | Misc. | medium
145989 | CentOS 8 : pki-core:10.6 and pki-deps:10.6 (CESA-2020:4847) | Nessus | CentOS Local Security Checks | medium
145244 | Oracle WebCenter Sites (Jan 2021 CPU) | Nessus | Windows | medium
144399 | RHEL 8 : python-XStatic-jQuery224 (RHSA-2020:5412) | Nessus | Red Hat Local Security Checks | medium
142840 | openSUSE Security Update : otrs (openSUSE-2020-1888) | Nessus | SuSE Local Security Checks | medium
142409 | RHEL 8 : pki-core:10.6 and pki-deps:10.6 (RHSA-2020:4847) | Nessus | Red Hat Local Security Checks | medium
141829 | Oracle Database Server Multiple Vulnerabilities (Oct 2020 CPU) | Nessus | Databases | high
140750 | RHEL 8 : Red Hat Virtualization (RHSA-2020:3807) | Nessus | Red Hat Local Security Checks | medium
140557 | Fedora 31 : drupal7 (2020-fbb94073a1) | Nessus | Fedora Local Security Checks | medium
140545 | Fedora 32 : drupal7 (2020-0b32a59b54) | Nessus | Fedora Local Security Checks | medium
139385 | RHEL 7 / 8 : Red Hat OpenShift Service Mesh (RHSA-2020:3369) | Nessus | Red Hat Local Security Checks | medium
139112 | FreeBSD : Cacti -- multiple vulnerabilities (cd2dc126-cfe4-11ea-9172-4c72b94353b5) | Nessus | FreeBSD Local Security Checks | medium
138985 | openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-1060) | Nessus | SuSE Local Security Checks | medium
138926 | GLSA-202007-03 : Cacti: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | medium
138526 | Oracle Primavera Gateway (Jul 2020 CPU) | Nessus | CGI abuses | high
112485 | Joomla! 2.5.x < 3.9.19 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | medium
137423 | Fedora 32 : drupal8 (2020-36d2db5f51) | Nessus | Fedora Local Security Checks | medium
137366 | Joomla 2.5.x < 3.9.19 Multiple Vulnerabilities (5812-joomla-3-9-19) | Nessus | CGI abuses | medium
112438 | Drupal 7.x < 7.70 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | medium
112437 | Drupal 8.7.x < 8.7.14 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | medium
112430 | Drupal 8.8.x < 8.8.6 Multiple Vulnerabilities | Web Application Scanning | Component Vulnerability | medium
136932 | Debian DSA-4693-1 : drupal7 - security update | Nessus | Debian Local Security Checks | medium
136929 | JQuery 1.2 < 3.5.0 Multiple XSS | Nessus | CGI abuses : XSS | medium
136745 | Drupal 7.0.x < 7.70 / 7.0.x < 7.70 / 8.7.x < 8.7.14 / 8.8.x < 8.8.6 Multiple Vulnerabilities (drupal-2020-05-20) | Nessus | CGI abuses | medium
112383 | jQuery 1.2.0 < 3.5.0 Cross-Site Scripting | Web Application Scanning | Component Vulnerability | medium