jQuery – CVE-2011-4969

Description

Kayran has detected that the version of the jQuery you use is vulnerable to Cross-site Scripting attacks (XSS).
This can be done by using location.hash to select elements.

This vulnerability allows remote attackers to inject arbitrary web scripts or HTML via crafted tags.

Recommendation

Upgrade the version of the jquery you use.
Since it exists only in versions up until 1.6.3, make sure you upgrade to version higher than 1.6.3.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4969

< Return to all Vulnerabilities

Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and

Read More »

Red Team

You’ve probably heard that there are teams in the Cyber field called Red Team and Blue Team. Let’s talk about the red one, shall we?

Read More »