jQuery UI – CVE-2016-7103

Home » Blog » jQuery UI – CVE-2016-7103

Description

Kayran has detected that the version of jQuery UI being used is vulnerable to Cross-site scripting (XSS).
This can be done by abusing the closeText parameter. Also known as CVE-2016-7103.

By abusing the closeText parameter of the dialog function in jQuery UI, remote attackers can inject arbitrary web scripts or any HTML.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To fix CVE-2016-7103, update the version of the jQuery UI being used.
Make sure its version is 1.12.0 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7103

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

Cybersecurity – The thinnest security guards you will ever know

I can sit here all day long talking about vulnerabilities, attackers and other scary ways that puts our money and personal data at risk and

Terms and Topics in Cybersecurity that you should know

The Cybersecurity field is one of the fields that has been growing rapidly and steadily in recent years, as the demand for it grew more

SQLI to RCE

How to preform SQLI TO RCE? One of the most interesting and important things about any site is the database. So, it’s important to protect

Injection Attacks – You better inject yourself before you get-hacked yourself

Besides the most creative title you’ve ever seen, there are many things we do not like that we can talk about, in this case, we

Everything Ransomware

If you wish to know Everything Ransomware related, you’ve come to the right place! What is Ransomware? What can we do with it? Why it’s

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

WEB APPLICATION VULNERABILITY SCANNER