Description
Kayran has detected that the version of the jQuery you use is vulnerable to Cross-site Scripting attacks (XSS).
These attacks are enabled by using the “load” method.
The “load” method cannot recognize and remove “<script>” HTML tags that could possibly contain a whitespace character. For example: “</script >”.
This will cause scripts inserted by an attacker to be executed.
Recommendation
Upgrade the version of the jquery you use.
Make sure you upgrade to version 1.9.0 or higher.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7656