Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
History
21 Jun 2023, 18:26
Type | Values Removed | Values Added |
---|---|---|
First Time |
Jqueryui
Jqueryui jquery Ui |
|
CPE | cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* |
30 Jan 2023, 19:03
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.1 |
CPE | cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* cpe:2.3:a:apache:drill:1.16.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* |
|
First Time |
Drupal drupal
Apache Fedoraproject Apache drill Netapp Fedoraproject fedora Drupal Netapp snapcenter |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20190416-0007/ - Third Party Advisory | |
References | (CONFIRM) https://www.drupal.org/sa-core-2022-002 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html - Mailing List, Third Party Advisory | |
References | (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/ - Mailing List, Third Party Advisory | |
References | (SECTRACK) http://www.securitytracker.com/id/1037035 - Broken Link, Third Party Advisory, VDB Entry | |
References | (BID) http://www.securityfocus.com/bid/71106 - Broken Link, Third Party Advisory, VDB Entry | |
References | (MISC) https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E - Mailing List, Third Party Advisory | |
References | (MISC) https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E - Mailing List, Third Party Advisory | |
References | (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/ - Mailing List, Third Party Advisory | |
References | (MISC) https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E - Mailing List, Third Party Advisory |
04 Nov 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
03 Nov 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
24 Oct 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Jan 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2014-11-24 16:59
Updated : 2023-12-10 11:31
NVD link : CVE-2010-5312
Mitre link : CVE-2010-5312
CVE.ORG link : CVE-2010-5312
JSON object : View
Products Affected
jqueryui
- jquery_ui
drupal
- drupal
debian
- debian_linux
netapp
- snapcenter
apache
- drill
fedoraproject
- fedora
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')