CVE-2021-41183

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-41183
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.

6.1 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/ Release Notes Vendor Advisory
https://bugs.jqueryui.com/ticket/15284 Issue Tracking Vendor Advisory
https://github.com/jquery/jquery-ui/pull/1953 Patch Third Party Advisory
https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4 Exploit Mitigation Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/ Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/ Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/ Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/ Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/ Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20211118-0004/ Third Party Advisory
https://www.drupal.org/sa-contrib-2022-004 Third Party Advisory
https://www.drupal.org/sa-core-2022-001 Third Party Advisory
https://www.drupal.org/sa-core-2022-002 Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html Third Party Advisory
https://www.tenable.com/security/tns-2022-09 Patch Release Notes Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 11 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 12 (hide)

OR cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*

Configuration 13 (hide)

OR cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:18.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:19.12.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:20.12.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:*
cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*

Configuration 14 (hide)

cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
History

31 Aug 2023, 03:15

Type Values Removed Values Added
References
  • (MISC) https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html -

21 Jun 2023, 18:23

Type Values Removed Values Added
CPE cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:* cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:*
First Time Jqueryui
Jqueryui jquery Ui

07 Nov 2022, 16:42

Type Values Removed Values Added
CPE cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
References (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/ - (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/ - Mailing List, Third Party Advisory
References (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/ - (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/ - Mailing List, Third Party Advisory
References (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/ - (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/ - Mailing List, Third Party Advisory
References (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/ - (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/ - Mailing List, Third Party Advisory
References (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/ - (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/ - Mailing List, Third Party Advisory

04 Nov 2022, 00:15

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/', 'name': 'FEDORA-2022-9d655503ea', 'tags': [], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/', 'name': 'FEDORA-2021-ab38307fc3', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/', 'name': 'FEDORA-2021-51c256bf87', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/', 'name': 'FEDORA-2021-013ab302be', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/', 'name': 'FEDORA-2022-bf18450366', 'tags': [], 'refsource': 'FEDORA'}
  • (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/ -
  • (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/ -
  • (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/ -
  • (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/ -
  • (MISC) https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/ -

03 Nov 2022, 17:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/ -

24 Oct 2022, 14:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/ -

05 Oct 2022, 12:41

Type Values Removed Values Added
References (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Third Party Advisory
References (CONFIRM) https://www.tenable.com/security/tns-2022-09 - (CONFIRM) https://www.tenable.com/security/tns-2022-09 - Patch, Release Notes, Third Party Advisory
References (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory
First Time Oracle big Data Spatial And Graph
Oracle communications Interactive Session Recorder
Oracle application Express
Oracle agile Plm
Oracle jd Edwards Enterpriseone Tools
Oracle hospitality Suite8
Oracle rest Data Services
Oracle weblogic Server
Oracle policy Automation
Oracle
Oracle mysql Enterprise Monitor
Tenable tenable.sc
Oracle hospitality Inventory Management
Tenable
Oracle peoplesoft Enterprise Peopletools
Oracle primavera Gateway
Oracle banking Platform
Oracle communications Operations Monitor
CPE cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:19.12.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:18.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:primavera_gateway:20.12.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:*
cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*

25 Jul 2022, 18:16

Type Values Removed Values Added
References
  • (N/A) https://www.oracle.com/security-alerts/cpujul2022.html -

20 Apr 2022, 18:15

Type Values Removed Values Added
References
  • (CONFIRM) https://www.tenable.com/security/tns-2022-09 -

20 Apr 2022, 00:16

Type Values Removed Values Added
References
  • (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html -

29 Mar 2022, 17:04

Type Values Removed Values Added
References (CONFIRM) https://www.drupal.org/sa-core-2022-001 - (CONFIRM) https://www.drupal.org/sa-core-2022-001 - Third Party Advisory
References (MISC) https://www.drupal.org/sa-contrib-2022-004 - (MISC) https://www.drupal.org/sa-contrib-2022-004 - Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html - (MLIST) https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html - Mailing List, Third Party Advisory
References (CONFIRM) https://www.drupal.org/sa-core-2022-002 - (CONFIRM) https://www.drupal.org/sa-core-2022-002 - Third Party Advisory
CPE cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
First Time Debian debian Linux
Drupal
Drupal drupal
Debian

19 Jan 2022, 22:15

Type Values Removed Values Added
References
  • (CONFIRM) https://www.drupal.org/sa-core-2022-001 -
  • (MISC) https://www.drupal.org/sa-contrib-2022-004 -
  • (MLIST) https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html -
  • (CONFIRM) https://www.drupal.org/sa-core-2022-002 -

23 Nov 2021, 20:04

Type Values Removed Values Added
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/ - Mailing List, Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20211118-0004/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20211118-0004/ - Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/ - Mailing List, Third Party Advisory
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/ - Mailing List, Third Party Advisory
CPE cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

20 Nov 2021, 04:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/ -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/ -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/ -

18 Nov 2021, 08:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20211118-0004/ -

29 Oct 2021, 18:22

Type Values Removed Values Added
CPE cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*
References (MISC) https://bugs.jqueryui.com/ticket/15284 - (MISC) https://bugs.jqueryui.com/ticket/15284 - Issue Tracking, Vendor Advisory
References (MISC) https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/ - (MISC) https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/ - Release Notes, Vendor Advisory
References (MISC) https://github.com/jquery/jquery-ui/pull/1953 - (MISC) https://github.com/jquery/jquery-ui/pull/1953 - Patch, Third Party Advisory
References (CONFIRM) https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4 - (CONFIRM) https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4 - Exploit, Mitigation, Third Party Advisory
CVSS v2 : unknown
v3 : 6.5 		v2 : 4.3
v3 : 6.1

26 Oct 2021, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2021-10-26 15:15

Updated : 2023-12-10 14:09

NVD link : CVE-2021-41183

Mitre link : CVE-2021-41183

CVE.ORG link : CVE-2021-41183

JSON object : View

Products Affected

netapp

  • h700e
  • h700s_firmware
  • h500s_firmware
  • h700s
  • h410c_firmware
  • h700e_firmware
  • h300e_firmware
  • h300s_firmware
  • h500e_firmware
  • h500s
  • h410c
  • h410s_firmware
  • h300e
  • h410s
  • h300s
  • h500e

oracle

  • policy_automation
  • communications_interactive_session_recorder
  • application_express
  • rest_data_services
  • jd_edwards_enterpriseone_tools
  • big_data_spatial_and_graph
  • weblogic_server
  • agile_plm
  • communications_operations_monitor
  • hospitality_suite8
  • mysql_enterprise_monitor
  • primavera_gateway
  • banking_platform
  • hospitality_inventory_management
  • peoplesoft_enterprise_peopletools

jqueryui

  • jquery_ui

tenable

  • tenable.sc

drupal

  • drupal

fedoraproject

  • fedora

debian

  • debian_linux
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')