jQuery – CVE-2014-6071

Description

Kayran has detected that the version of the jQuery you use is vulnerable to Cross-site Scripting attacks (XSS).
This can be done by abusing vectors related to use of the “text” method inside after.

This allows an attacker to modify some system files or information. Yet, the attacker does not have control over what can be modified, or very limited in terms of possibilities.

Recommendation

Upgrade the version of the jquery you use.
Since it exists only in versions up until 1.4.2, make sure you upgrade to version higher than 1.4.2.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6071

< Return to all Vulnerabilities

Exposing the GIT

Let’s start with defining the meaning of GIT. GIT – is an open-source system which we use as a tool to store data and information

Read More »

What is a CWE ?

Similar to the article written on CVEs, in this article we will answer the questions :What is CWE ? and, what is the difference between

Read More »