jQuery UI – CVE-2016-7103

Description

Kayran has detected that the version of jQuery UI being used is vulnerable to Cross-site scripting (XSS).
This can be done by abusing the closeText parameter. Also known as CVE-2016-7103.

By abusing the closeText parameter of the dialog function in jQuery UI, remote attackers can inject arbitrary web scripts or any HTML.

Severity/Score

CVSS Version 3.x – 6.1 Medium

Recommendation

To fix CVE-2016-7103, update the version of the jQuery UI being used.
Make sure its version is 1.12.0 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7103

https://cwe.mitre.org/data/definitions/79.html

< Return to all Vulnerabilities

SQLI to RCE

How to preform SQLI TO RCE? One of the most interesting and important things about any site is the database. So, it’s important to protect

Read More »

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »