CVE-2020-11023
JQuery Cross-Site Scripting (XSS) Vulnerability
CVSS
—
Sin CVSS
EPSS
83.8%
p100
KEV
SÍ
23 ene 2025
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
JQuery / JQuery
Vulnerabilidad
JQuery Cross-Site Scripting (XSS) Vulnerability
Añadido a KEV
23 ene 2025
Remediar antes de
13 feb 2025
Uso conocido en ransomware
No
Descripción resumida
JQuery contains a persistent cross-site scripting (XSS) vulnerability. When passing maliciously formed, untrusted input enclosed in HTML tags, JQuery's DOM manipulators can execute untrusted code in the context of the user's browser.
Acción requerida
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notas
This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6 ; https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ ; https://nvd.nist.gov/vuln/detail/CVE-2020-11023
Sin CVEs relacionados por CWE o producto.