Red Hat: CVE-2020-11022: jquery: Cross-site scripting due to improper jQuery.htmlPrefilter method (Multiple Advisories)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | 2020-04-29 | 2020-10-01 | 2024-11-26 |
Description
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Solution(s)
- redhat-upgrade-apache-commons-collections
- redhat-upgrade-apache-commons-lang
- redhat-upgrade-apache-commons-net
- redhat-upgrade-bea-stax-api
- redhat-upgrade-bind-dyndb-ldap
- redhat-upgrade-bind-dyndb-ldap-debuginfo
- redhat-upgrade-bind-dyndb-ldap-debugsource
- redhat-upgrade-custodia
- redhat-upgrade-glassfish-fastinfoset
- redhat-upgrade-glassfish-jaxb-api
- redhat-upgrade-glassfish-jaxb-core
- redhat-upgrade-glassfish-jaxb-runtime
- redhat-upgrade-glassfish-jaxb-txw2
- redhat-upgrade-ipa-client
- redhat-upgrade-ipa-client-common
- redhat-upgrade-ipa-client-debuginfo
- redhat-upgrade-ipa-client-epn
- redhat-upgrade-ipa-client-samba
- redhat-upgrade-ipa-common
- redhat-upgrade-ipa-debuginfo
- redhat-upgrade-ipa-debugsource
- redhat-upgrade-ipa-healthcheck
- redhat-upgrade-ipa-healthcheck-core
- redhat-upgrade-ipa-python-compat
- redhat-upgrade-ipa-selinux
- redhat-upgrade-ipa-server
- redhat-upgrade-ipa-server-common
- redhat-upgrade-ipa-server-debuginfo
- redhat-upgrade-ipa-server-dns
- redhat-upgrade-ipa-server-trust-ad
- redhat-upgrade-ipa-server-trust-ad-debuginfo
- redhat-upgrade-jackson-annotations
- redhat-upgrade-jackson-core
- redhat-upgrade-jackson-databind
- redhat-upgrade-jackson-jaxrs-json-provider
- redhat-upgrade-jackson-jaxrs-providers
- redhat-upgrade-jackson-module-jaxb-annotations
- redhat-upgrade-jakarta-commons-httpclient
- redhat-upgrade-javassist
- redhat-upgrade-javassist-javadoc
- redhat-upgrade-jss
- redhat-upgrade-jss-debuginfo
- redhat-upgrade-jss-debugsource
- redhat-upgrade-jss-javadoc
- redhat-upgrade-ldapjdk
- redhat-upgrade-ldapjdk-javadoc
- redhat-upgrade-opendnssec
- redhat-upgrade-opendnssec-debuginfo
- redhat-upgrade-opendnssec-debugsource
- redhat-upgrade-pki-base
- redhat-upgrade-pki-base-java
- redhat-upgrade-pki-ca
- redhat-upgrade-pki-core-debuginfo
- redhat-upgrade-pki-core-debugsource
- redhat-upgrade-pki-kra
- redhat-upgrade-pki-server
- redhat-upgrade-pki-servlet-4-0-api
- redhat-upgrade-pki-servlet-engine
- redhat-upgrade-pki-symkey
- redhat-upgrade-pki-symkey-debuginfo
- redhat-upgrade-pki-tools
- redhat-upgrade-pki-tools-debuginfo
- redhat-upgrade-python-nss-debugsource
- redhat-upgrade-python-nss-doc
- redhat-upgrade-python2-ipaclient
- redhat-upgrade-python2-ipalib
- redhat-upgrade-python2-ipaserver
- redhat-upgrade-python3-custodia
- redhat-upgrade-python3-ipaclient
- redhat-upgrade-python3-ipalib
- redhat-upgrade-python3-ipaserver
- redhat-upgrade-python3-jwcrypto
- redhat-upgrade-python3-kdcproxy
- redhat-upgrade-python3-nss
- redhat-upgrade-python3-nss-debuginfo
- redhat-upgrade-python3-pki
- redhat-upgrade-python3-pyusb
- redhat-upgrade-python3-qrcode
- redhat-upgrade-python3-qrcode-core
- redhat-upgrade-python3-yubico
- redhat-upgrade-relaxngdatatype
- redhat-upgrade-resteasy
- redhat-upgrade-slapi-nis
- redhat-upgrade-slapi-nis-debuginfo
- redhat-upgrade-slapi-nis-debugsource
- redhat-upgrade-slf4j
- redhat-upgrade-slf4j-jdk14
- redhat-upgrade-softhsm
- redhat-upgrade-softhsm-debuginfo
- redhat-upgrade-softhsm-debugsource
- redhat-upgrade-softhsm-devel
- redhat-upgrade-stax-ex
- redhat-upgrade-tomcatjss
- redhat-upgrade-velocity
- redhat-upgrade-xalan-j2
- redhat-upgrade-xerces-j2
- redhat-upgrade-xml-commons-apis
- redhat-upgrade-xml-commons-resolver
- redhat-upgrade-xmlstreambuffer
- redhat-upgrade-xsom
