jQuery UI – CVE-2010-5312

Description

Kayran has detected that the version of jQuery UI being used is vulnerable to Cross-site scripting (XSS).
This can be done by abusing the jquery.ui.dialog.js. Also known as CVE-2010-5312.

By abusing the jquery.ui.dialog.js in the Dialog widget in jQuery UI, remote attackers can inject arbitrary web scripts or any HTML.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To fix CVE-2010-5312, update the version of the jQuery UI being used.
Make sure its version is 1.10.0 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5312

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

Bug Bounties

As pirates, we all love plundering, we all love raiding, but mostly, we all love bounties, especially Bug Bounties. Let’s talk about it. Bug Bounties

Read More »

Red Team

You’ve probably heard that there are teams in the Cyber field called Red Team and Blue Team. Let’s talk about the red one, shall we?

Read More »