oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

old CVE assignments for JQuery 1.10.0

From: "Vincent Danen" <vdanen () redhat com>
Date: Fri, 14 Nov 2014 08:29:42 -0700
A title XSS was fixed in JQuery 1.10.0 back in November 2012 (with the release of 1.10.0 in January 2013): 

http://bugs.jqueryui.com/ticket/6016
https://github.com/jquery/jquery-ui/commit/7e9060c109b928769a664dbcc2c17bd21231b6f3
http://jqueryui.com/changelog/1.10.0/

Looking at the changelog it also seems like there are others:

* Fixed: XSS in combobox demo. (#8859, 5fee6fd)
* Fixed: Title XSS Vulnerability. (#6016, 7e9060c)
* Fixed: XSS vulnerability in default content. (#8861, f285440)

I don't believe CVEs were assigned to any of these as far as I can tell.

--
Vincent Danen / Red Hat Product Security
Previous By Date Next
Previous By Thread Next

Current thread: