CVE-2015-9251

Published: Jan 18, 2018

Modified: Aug 6, 2024

PUBLISHED

Description

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

105658

vdb-entry

x_refsource_BID

20190509 dotCMS v5.1.1 Vulnerabilities

mailing-list

x_refsource_BUGTRAQ

20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability

mailing-list

x_refsource_FULLDISC

20190510 dotCMS v5.1.1 Vulnerabilities

mailing-list

x_refsource_FULLDISC

20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability

mailing-list

x_refsource_FULLDISC

[flink-user] 20190811 Apache flink 1.7.2 security issues

mailing-list

x_refsource_MLIST

[flink-dev] 20190811 Apache flink 1.7.2 security issues

mailing-list

x_refsource_MLIST

[flink-user] 20190813 Apache flink 1.7.2 security issues

mailing-list

x_refsource_MLIST

[flink-user] 20190813 Re: Apache flink 1.7.2 security issues

mailing-list

x_refsource_MLIST

[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js

mailing-list

x_refsource_MLIST

[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities

mailing-list

x_refsource_MLIST

[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities

mailing-list

x_refsource_MLIST

[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities

mailing-list

x_refsource_MLIST

RHSA-2020:0481

vendor-advisory

x_refsource_REDHAT

RHSA-2020:0729

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2020:0395

vendor-advisory

x_refsource_SUSE

https://www.oracle.com/security-alerts/cpuapr2020.html

x_refsource_MISC

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

x_refsource_CONFIRM

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

https://github.com/jquery/jquery/issues/2432

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

x_refsource_CONFIRM

https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf

x_refsource_MISC

https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2

x_refsource_MISC

https://snyk.io/vuln/npm:jquery:20150627

x_refsource_MISC

https://github.com/jquery/jquery/pull/2588

x_refsource_MISC

https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04

x_refsource_MISC

https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

x_refsource_MISC

http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html

x_refsource_MISC

http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

x_refsource_MISC

https://www.tenable.com/security/tns-2019-08

x_refsource_CONFIRM

https://www.oracle.com/security-alerts/cpujan2020.html

x_refsource_MISC

http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html

x_refsource_MISC

https://www.oracle.com/security-alerts/cpuoct2020.html

x_refsource_MISC

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20210108-0004/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-9251

Description

Affected Products

References