CVE-2012-6708 Information
Share on:Description
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions jQuery determined whether the input was HTML by looking for the ‘’ character anywhere in the string giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions jQuery only deems the input to be HTML if it explicitly starts with the ‘’ character limiting exploitability only to attackers who can control the beginning of a string which is far less common.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Reference
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html http://www.securityfocus.com/bid/102792 https://bugs.jquery.com/ticket/11290 https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@3Cdev.drill.apache.org3E https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@3Cdev.drill.apache.org3E https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@3Cissues.drill.apache.org3E https://snyk.io/vuln/npm:jquery:20120206
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
6.1