jQuery UI – CVE-2010-5312

Description

Kayran has detected that the version of jQuery UI being used is vulnerable to Cross-site scripting (XSS).
This can be done by abusing the jquery.ui.dialog.js. Also known as CVE-2010-5312.

By abusing the jquery.ui.dialog.js in the Dialog widget in jQuery UI, remote attackers can inject arbitrary web scripts or any HTML.

Recommendation

To fix CVE-2010-5312, update the version of the jQuery UI being used.
Make sure its version is 1.10.0 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5312

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Read More »

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »

Servers 101

Let’s have a “quick” Servers 101 Course. Courtesy of Kayran! If you’ve been on the internet for over an hour, you probably already heard of

Read More »

Browser Exploitation

We know that it’s possible to exploit weaknesses (or vulnerabilities) that exist in anything, from a certain code to the entire application, let’s talk about

Read More »