jQuery UI – CVE-2010-5312

Home » Blog » jQuery UI – CVE-2010-5312

Description

Kayran has detected that the version of jQuery UI being used is vulnerable to Cross-site scripting (XSS).
This can be done by abusing the jquery.ui.dialog.js. Also known as CVE-2010-5312.

By abusing the jquery.ui.dialog.js in the Dialog widget in jQuery UI, remote attackers can inject arbitrary web scripts or any HTML.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To fix CVE-2010-5312, update the version of the jQuery UI being used.
Make sure its version is 1.10.0 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5312

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

To serve or not to serve – DoS vs. DDoS

If you’ve heard of the beautiful term called DoS before, great! that’s not it. To the “veterans” among us this term usually attributed to DOS

The fundamentals of HTML

HTML is not a single word, in oppose to what many people think, HTML stands for HyperText Markup Language, and from the fact the language’s

Active Directory Hacking

What does Active Directory mean? The Active Directory infrastructure is a critical infrastructure in most organizations, and it forms the backbone of the organization’s computing