oss-sec mailing list archives
old CVE assignments for JQuery 1.10.0
From: "Vincent Danen" <vdanen () redhat com>
Date: Fri, 14 Nov 2014 08:29:42 -0700
A title XSS was fixed in JQuery 1.10.0 back in November 2012 (with the release of 1.10.0 in January 2013):
http://bugs.jqueryui.com/ticket/6016 https://github.com/jquery/jquery-ui/commit/7e9060c109b928769a664dbcc2c17bd21231b6f3 http://jqueryui.com/changelog/1.10.0/ Looking at the changelog it also seems like there are others: * Fixed: XSS in combobox demo. (#8859, 5fee6fd) * Fixed: Title XSS Vulnerability. (#6016, 7e9060c) * Fixed: XSS vulnerability in default content. (#8861, f285440) I don't believe CVEs were assigned to any of these as far as I can tell. -- Vincent Danen / Red Hat Product Security
Current thread:
- old CVE assignments for JQuery 1.10.0 Vincent Danen (Nov 14)
- Re: old CVE assignments for JQuery 1.10.0 cve-assign (Nov 14)