WEB JQuery Potential XSS vulnerability -2 (CVE-2020-11022)
Rule ID
1232849
Severity
Medium
Description
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (e.g. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Impact
Information disclosure
Recommendation
Apply the vendor's patch.
IPS Category
Exploits
IPS Anomaly Group
N/A
IPS Rule Default Action
Deny
References
CVE-2020-11022
CVE-2020-11023
ICSA-21-306-01
ICSA-22-055-02
ICSA-22-097-01
ICSA-22-342-02
CVE-2020-23064
ICSA-24-074-03
T1059
T0853
Keywords
N/A
Date Created
2023/05/24
Last Updated
2024/03/15