A vulnerability, which was classified as problematic, has been found in jQuery-UI up to 1.12.x (JavaScript Library). Affected by this issue is the function position. Upgrading to version 1.13.0 eliminates this vulnerability. The upgrade is hosted for download at blog.jqueryui.com. Applying the patch effa323f1505f2ce7a324e4f429fa9032c72f280 is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
jQuery-UI up to 1.12.x position of cross site scripting
- Virtual Patching
- October 26, 2021
- 10:04 pm
- Virtual Patching
- October 26, 2021
- 10:04 pm
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2022-36310 : AIRSPAN AIRVELOCITY 1500 PRIOR 15.18.00.2511 SNMPD INHERENTLY DANGEROUS FUNCTION
Description Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with
CVE-2022-2814 : SOURCECODESTER SIMPLE AND NICE SHOPPING CART SCRIPT /MKSHOPE/LOGIN.PHP MSG CROSS SITE SCRIPTING
Description A vulnerability has been found in SourceCodester Simple and Nice Shopping Cart Script and classified as problematic. Affected by
CVE-2022-37397 : YUGABYTEDB 2.6.1 LDAP AUTHENTICATION CONFIG
Description An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When