Vulnerability-Lookup

WID-SEC-W-2022-1347

Vulnerability from csaf_certbund - Published: 2020-05-03 22:00 - Updated: 2025-05-29 22:00

Summary

jQuery: Mehrere Schwachstellen ermöglichen Cross-Site Scripting

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: jQuery ist eine freie JavaScript-Bibliothek, die Funktionen zur DOM-Navigation und -Manipulation zur Verfügung stellt.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in jQuery ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.

Betroffene Betriebssysteme: - BIOS/Firmware - F5 Networks - Hardware Appliance - Juniper Appliance - Linux - MacOS X - Sonstiges - UNIX - Windows

CVE-2020-11022

CVE-2020-11023

References

URL

Category

	https://wid.cert-bund.de/.well-known/csaf/white/2…	self
	https://wid.cert-bund.de/portal/wid/securityadvis…	self
	https://github.com/jquery/jquery/security/advisor…	external
	https://github.com/jquery/jquery/security/advisor…	external
	https://www.drupal.org/sa-core-2020-002	external
	https://www.debian.org/security/2020/dsa-4693	external
	https://access.redhat.com/errata/RHSA-2020:2217	external
	https://access.redhat.com/errata/RHSA-2020:2362	external
	https://access.redhat.com/errata/RHSA-2020:2813	external
	https://security.paloaltonetworks.com/PAN-SA-2020-0007	external
	https://access.redhat.com/errata/RHSA-2020:2412	external
	https://security.gentoo.org/glsa/202007-03	external
	https://support.f5.com/csp/article/K66544153	external
	https://support.f5.com/csp/article/K02453220	external
	https://access.redhat.com/errata/RHSA-2020:3247	external
	https://access.redhat.com/errata/RHSA-2020:3369	external
	http://lists.suse.com/pipermail/sle-security-upda…	external
	http://lists.suse.com/pipermail/sle-security-upda…	external
	http://lists.suse.com/pipermail/sle-security-upda…	external
	http://lists.suse.com/pipermail/sle-security-upda…	external
	http://lists.suse.com/pipermail/sle-security-upda…	external
	http://lists.suse.com/pipermail/sle-security-upda…	external
	https://access.redhat.com/errata/RHSA-2020:3807	external
	https://access.redhat.com/errata/RHSA-2020:3936	external
	https://access.redhat.com/errata/RHSA-2020:4211	external
	https://community.otrs.com/security-advisory-2020-14/	external
	https://support.hcltechsw.com/csm?id=kb_article&s…	external
	https://de.tenable.com/security/tns-2020-10	external
	https://access.redhat.com/errata/RHSA-2020:5412	external
	https://www.dell.com/support/kbdoc/en-us/00018092…	external
	https://de.tenable.com/security/tns-2021-02	external
	https://access.redhat.com/errata/RHSA-2021:0778	external
	https://access.redhat.com/errata/RHSA-2021:0860	external
	https://linux.oracle.com/errata/ELSA-2021-0860.html	external
	https://lists.debian.org/debian-lts-announce/2021…	external
	https://alas.aws.amazon.com/AL2/ALAS-2021-1626.html	external
	https://www.broadcom.com/support/fibre-channel-ne…	external
	https://access.redhat.com/errata/RHSA-2021:1846	external
	https://www.broadcom.com/support/fibre-channel-ne…	external
	https://support.hpe.com/hpesc/public/docDisplay?d…	external
	https://linux.oracle.com/errata/ELSA-2021-9400.html	external
	https://access.redhat.com/errata/RHSA-2021:4142	external
	https://linux.oracle.com/errata/ELSA-2021-9552.html	external
	https://linux.oracle.com/errata/ELSA-2022-9177.html	external
	https://access.redhat.com/errata/RHSA-2022:6393	external
	https://documentation.solarwinds.com/en/success_c…	external
	https://www.ibm.com/support/pages/node/6852773	external
	https://www.tenable.com/security/tns-2023-09	external
	https://documentation.solarwinds.com/en/success_c…	external
	https://www.ibm.com/support/pages/node/7060517	external
	https://www.moxa.com/en/support/product-support/s…	external
	https://www.ibm.com/support/pages/node/7160134	external
	https://www.ibm.com/support/pages/node/7178266	external
	https://supportportal.juniper.net/s/article/2025-…	external
	https://www.cisa.gov/known-exploited-vulnerabilit…	external
	https://ubuntu.com/security/notices/USN-7246-1	external
	https://access.redhat.com/errata/RHSA-2025:1070	external
	https://access.redhat.com/errata/RHSA-2025:1185	external
	https://access.redhat.com/errata/RHSA-2025:1209	external
	https://access.redhat.com/errata/RHSA-2025:1210	external
	https://access.redhat.com/errata/RHSA-2025:1212	external
	https://access.redhat.com/errata/RHSA-2025:1211	external
	https://access.redhat.com/errata/RHSA-2025:1213	external
	https://access.redhat.com/errata/RHSA-2025:1214	external
	https://access.redhat.com/errata/RHSA-2025:1216	external
	https://access.redhat.com/errata/RHSA-2025:1217	external
	https://access.redhat.com/errata/RHSA-2025:1215	external
	https://access.redhat.com/errata/RHSA-2025:1249	external
	https://linux.oracle.com/errata/ELSA-2025-1210.html	external
	https://access.redhat.com/errata/RHSA-2025:1255	external
	https://linux.oracle.com/errata/ELSA-2025-1215.html	external
	https://access.redhat.com/errata/RHSA-2025:1247	external
	https://access.redhat.com/errata/RHSA-2025:1256	external
	https://access.redhat.com/errata/RHSA-2025:1304	external
	https://access.redhat.com/errata/RHSA-2025:1329	external
	https://access.redhat.com/errata/RHSA-2025:1346	external
	https://access.redhat.com/errata/RHSA-2025:1300	external
	https://access.redhat.com/errata/RHSA-2025:1306	external
	https://access.redhat.com/errata/RHSA-2025:1338	external
	https://access.redhat.com/errata/RHSA-2025:1308	external
	https://access.redhat.com/errata/RHSA-2025:1312	external
	https://access.redhat.com/errata/RHSA-2025:1303	external
	https://access.redhat.com/errata/RHSA-2025:1310	external
	https://access.redhat.com/errata/RHSA-2025:1305	external
	https://access.redhat.com/errata/RHSA-2025:1315	external
	https://access.redhat.com/errata/RHSA-2025:1314	external
	https://access.redhat.com/errata/RHSA-2025:1301	external
	https://access.redhat.com/errata/RHSA-2025:1309	external
	https://access.redhat.com/errata/RHSA-2025:1342	external
	https://access.redhat.com/errata/RHSA-2025:1311	external
	https://linux.oracle.com/errata/ELSA-2025-1300.html	external
	https://linux.oracle.com/errata/ELSA-2025-1301.html	external
	https://linux.oracle.com/errata/ELSA-2025-1309.html	external
	https://linux.oracle.com/errata/ELSA-2025-1306.html	external
	https://errata.build.resf.org/RLSA-2025:1314	external
	https://errata.build.resf.org/RLSA-2025:1215	external
	https://linux.oracle.com/errata/ELSA-2025-1338.html	external
	https://linux.oracle.com/errata/ELSA-2025-1346.html	external
	https://access.redhat.com/errata/RHSA-2025:1515	external
	https://access.redhat.com/errata/RHSA-2025:1514	external
	https://access.redhat.com/errata/RHSA-2025:1601	external
	https://access.redhat.com/errata/RHSA-2025:1580	external
	https://linux.oracle.com/errata/ELSA-2025-1329.html	external
	https://access.redhat.com/errata/RHSA-2025:1983	external
	https://access.redhat.com/errata/RHSA-2025:2426	external
	https://access.redhat.com/errata/RHSA-2025:1985	external
	https://www.ibm.com/support/pages/node/7185353	external
	https://linux.oracle.com/errata/ELSA-2025-1601.html	external
	https://www.ibm.com/support/pages/node/7228945	external
	https://supportportal.juniper.net/s/article/2025-…	external
	https://access.redhat.com/errata/RHSA-2025:4005	external
	https://www.ibm.com/support/pages/node/7231915	external
	https://www.ibm.com/support/pages/node/7233394	external
	https://rhn.redhat.com/errata/RHSA-2025:8278.html	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "jQuery ist eine freie JavaScript-Bibliothek, die Funktionen zur DOM-Navigation und -Manipulation zur Verf\u00fcgung stellt.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in jQuery ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- BIOS/Firmware\n- F5 Networks\n- Hardware Appliance\n- Juniper Appliance\n- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-1347 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2022-1347.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-1347 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1347"
      },
      {
        "category": "external",
        "summary": "GitHub Security Advisory GHSA-gxr4-xjj5-5px2 vom 2020-04-30",
        "url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2"
      },
      {
        "category": "external",
        "summary": "GitHub Security Advisory GHSA-jpcq-cgw6-v4j6 vom 2020-04-30",
        "url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6"
      },
      {
        "category": "external",
        "summary": "Drupal Security Advisory SA-CORE-2020-002 vom 2020-05-20",
        "url": "https://www.drupal.org/sa-core-2020-002"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-4693 vom 2020-05-27",
        "url": "https://www.debian.org/security/2020/dsa-4693"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:2217 vom 2020-05-28",
        "url": "https://access.redhat.com/errata/RHSA-2020:2217"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:2362 vom 2020-06-02",
        "url": "https://access.redhat.com/errata/RHSA-2020:2362"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:2813 vom 2020-07-02",
        "url": "https://access.redhat.com/errata/RHSA-2020:2813"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisory PAN-SA-2020-0007 vom 2020-07-08",
        "url": "https://security.paloaltonetworks.com/PAN-SA-2020-0007"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:2412 vom 2020-07-13",
        "url": "https://access.redhat.com/errata/RHSA-2020:2412"
      },
      {
        "category": "external",
        "summary": "GENTOO Security Advisory GLSA-202007-03 vom 2020-07-27",
        "url": "https://security.gentoo.org/glsa/202007-03"
      },
      {
        "category": "external",
        "summary": "F5 Security Advisory K66544153 vom 2020-08-03",
        "url": "https://support.f5.com/csp/article/K66544153"
      },
      {
        "category": "external",
        "summary": "F5 Security Advisory K02453220 vom 2020-08-03",
        "url": "https://support.f5.com/csp/article/K02453220"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3247 vom 2020-08-04",
        "url": "https://access.redhat.com/errata/RHSA-2020:3247"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3369 vom 2020-08-06",
        "url": "https://access.redhat.com/errata/RHSA-2020:3369"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2292-1 vom 2020-08-21",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007286.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2292-1 vom 2020-08-21",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007287.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2373-1 vom 2020-08-28",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007315.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2373-1 vom 2020-08-28",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007314.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2650-1 vom 2020-09-16",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007435.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2020:2650-1 vom 2020-09-16",
        "url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007436.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3807 vom 2020-09-23",
        "url": "https://access.redhat.com/errata/RHSA-2020:3807"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:3936 vom 2020-09-29",
        "url": "https://access.redhat.com/errata/RHSA-2020:3936"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:4211 vom 2020-10-08",
        "url": "https://access.redhat.com/errata/RHSA-2020:4211"
      },
      {
        "category": "external",
        "summary": "OTRS Security Advisory OSA-2020-14 vom 2020-10-12",
        "url": "https://community.otrs.com/security-advisory-2020-14/"
      },
      {
        "category": "external",
        "summary": "HCL Article KB0084264 vom 2020-10-14",
        "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0084264"
      },
      {
        "category": "external",
        "summary": "Tenable Security Advisory",
        "url": "https://de.tenable.com/security/tns-2020-10"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2020:5412 vom 2020-12-15",
        "url": "https://access.redhat.com/errata/RHSA-2020:5412"
      },
      {
        "category": "external",
        "summary": "EMC Security Advisory DSA-2020-262 vom 2021-01-16",
        "url": "https://www.dell.com/support/kbdoc/en-us/000180924/dsa-2020-262-dell-emc-networker-security-update-for-multiple-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Tenable Security Advisory",
        "url": "https://de.tenable.com/security/tns-2021-02"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:0778 vom 2021-03-09",
        "url": "https://access.redhat.com/errata/RHSA-2021:0778"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:0860 vom 2021-03-16",
        "url": "https://access.redhat.com/errata/RHSA-2021:0860"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2021-0860 vom 2021-03-19",
        "url": "https://linux.oracle.com/errata/ELSA-2021-0860.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-2608 vom 2021-03-26",
        "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2021-1626 vom 2021-04-22",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1626.html"
      },
      {
        "category": "external",
        "summary": "Brocade Security Advisory",
        "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-972"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:1846 vom 2021-05-18",
        "url": "https://access.redhat.com/errata/RHSA-2021:1846"
      },
      {
        "category": "external",
        "summary": "Brocade Security Advisory BSA-2020-973 vom 2021-05-20",
        "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2020-973"
      },
      {
        "category": "external",
        "summary": "HPE Security Bulletin",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04175en_us"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2021-9400 vom 2021-08-09",
        "url": "https://linux.oracle.com/errata/ELSA-2021-9400.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2021:4142 vom 2021-11-09",
        "url": "https://access.redhat.com/errata/RHSA-2021:4142"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2021-9552 vom 2021-11-19",
        "url": "https://linux.oracle.com/errata/ELSA-2021-9552.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-9177 vom 2022-03-01",
        "url": "https://linux.oracle.com/errata/ELSA-2022-9177.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:6393 vom 2022-09-08",
        "url": "https://access.redhat.com/errata/RHSA-2022:6393"
      },
      {
        "category": "external",
        "summary": "SolarWinds Platform 2022.3 Release Notes",
        "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2022-3_release_notes.htm"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 6852773 vom 2023-01-05",
        "url": "https://www.ibm.com/support/pages/node/6852773"
      },
      {
        "category": "external",
        "summary": "Tenable Security Advisory TNS-2023-09 vom 2023-03-02",
        "url": "https://www.tenable.com/security/tns-2023-09"
      },
      {
        "category": "external",
        "summary": "SolarWinds Platform 2023.3 Release Notes",
        "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3_release_notes.htm"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7060517 vom 2023-10-26",
        "url": "https://www.ibm.com/support/pages/node/7060517"
      },
      {
        "category": "external",
        "summary": "Moxa Security Advisory MPSA-230203 vom 2023-11-02",
        "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230203-pt-g503-series-multiple-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7160134 vom 2024-07-12",
        "url": "https://www.ibm.com/support/pages/node/7160134"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7178266 vom 2024-12-09",
        "url": "https://www.ibm.com/support/pages/node/7178266"
      },
      {
        "category": "external",
        "summary": "Juniper Security Advisory JSA92874 vom 2024-01-09",
        "url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release"
      },
      {
        "category": "external",
        "summary": "CISA Known Exploited Vulnerabilities Catalog vom 2025-01-23",
        "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7246-1 vom 2025-01-30",
        "url": "https://ubuntu.com/security/notices/USN-7246-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1070 vom 2025-02-05",
        "url": "https://access.redhat.com/errata/RHSA-2025:1070"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1185 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1185"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1209 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1209"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1210 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1210"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1212 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1212"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1211 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1211"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1213 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1213"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1214 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1214"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1216 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1216"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1217 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1217"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1215 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1215"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1249 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1249"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-1210 vom 2025-02-11",
        "url": "https://linux.oracle.com/errata/ELSA-2025-1210.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1255 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1255"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-1215 vom 2025-02-11",
        "url": "https://linux.oracle.com/errata/ELSA-2025-1215.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1247 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1247"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1256 vom 2025-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2025:1256"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1304 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1304"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1329 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1329"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1346 vom 2025-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2025:1346"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1300 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1300"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1306 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1306"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1338 vom 2025-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2025:1338"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1308 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1308"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1312 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1312"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1303 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1303"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1310 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1310"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1305 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1305"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1315 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1315"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1314 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1314"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1301 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1301"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1309 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1309"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1342 vom 2025-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2025:1342"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1311 vom 2025-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2025:1311"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-1300 vom 2025-02-13",
        "url": "https://linux.oracle.com/errata/ELSA-2025-1300.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-1301 vom 2025-02-13",
        "url": "https://linux.oracle.com/errata/ELSA-2025-1301.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-1309 vom 2025-02-13",
        "url": "https://linux.oracle.com/errata/ELSA-2025-1309.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-1306 vom 2025-02-14",
        "url": "https://linux.oracle.com/errata/ELSA-2025-1306.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2025:1314 vom 2025-02-13",
        "url": "https://errata.build.resf.org/RLSA-2025:1314"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2025:1215 vom 2025-02-13",
        "url": "https://errata.build.resf.org/RLSA-2025:1215"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-1338 vom 2025-02-14",
        "url": "https://linux.oracle.com/errata/ELSA-2025-1338.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-1346 vom 2025-02-14",
        "url": "https://linux.oracle.com/errata/ELSA-2025-1346.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1515 vom 2025-02-17",
        "url": "https://access.redhat.com/errata/RHSA-2025:1515"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1514 vom 2025-02-17",
        "url": "https://access.redhat.com/errata/RHSA-2025:1514"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1601 vom 2025-02-17",
        "url": "https://access.redhat.com/errata/RHSA-2025:1601"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1580 vom 2025-02-17",
        "url": "https://access.redhat.com/errata/RHSA-2025:1580"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-1329 vom 2025-02-19",
        "url": "https://linux.oracle.com/errata/ELSA-2025-1329.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1983 vom 2025-03-05",
        "url": "https://access.redhat.com/errata/RHSA-2025:1983"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:2426 vom 2025-03-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:2426"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:1985 vom 2025-03-05",
        "url": "https://access.redhat.com/errata/RHSA-2025:1985"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7185353 vom 2025-03-11",
        "url": "https://www.ibm.com/support/pages/node/7185353"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-1601 vom 2025-03-13",
        "url": "https://linux.oracle.com/errata/ELSA-2025-1601.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin",
        "url": "https://www.ibm.com/support/pages/node/7228945"
      },
      {
        "category": "external",
        "summary": "Juniper Security Bulletin",
        "url": "https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release?language=en_US"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4005 vom 2025-04-17",
        "url": "https://access.redhat.com/errata/RHSA-2025:4005"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7231915 vom 2025-04-26",
        "url": "https://www.ibm.com/support/pages/node/7231915"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7233394 vom 2025-05-14",
        "url": "https://www.ibm.com/support/pages/node/7233394"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:8278 vom 2025-05-29",
        "url": "https://rhn.redhat.com/errata/RHSA-2025:8278.html"
      }
    ],
    "source_lang": "en-US",
    "title": "jQuery: Mehrere Schwachstellen erm\u00f6glichen Cross-Site Scripting",
    "tracking": {
      "current_release_date": "2025-05-29T22:00:00.000+00:00",
      "generator": {
        "date": "2025-05-30T09:12:17.730+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2022-1347",
      "initial_release_date": "2020-05-03T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2020-05-03T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2020-05-21T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Drupal aufgenommen"
        },
        {
          "date": "2020-05-24T22:00:00.000+00:00",
          "number": "3",
          "summary": "Referenz(en) aufgenommen: FEDORA-2020-11BE4B36D4"
        },
        {
          "date": "2020-05-26T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2020-05-27T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-06-02T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-06-07T22:00:00.000+00:00",
          "number": "7",
          "summary": "Referenz(en) aufgenommen: FEDORA-2020-36D2DB5F51"
        },
        {
          "date": "2020-07-02T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-07-08T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Informationen von Palo Alto Networks aufgenommen"
        },
        {
          "date": "2020-07-13T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-07-26T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von GENTOO aufgenommen"
        },
        {
          "date": "2020-08-03T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von F5 aufgenommen"
        },
        {
          "date": "2020-08-04T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-08-06T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-08-23T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2020-08-30T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2020-09-06T22:00:00.000+00:00",
          "number": "17",
          "summary": "Referenz(en) aufgenommen: FEDORA-2020-FBB94073A1"
        },
        {
          "date": "2020-09-16T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2020-09-23T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-09-29T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-10-07T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2020-10-11T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von OTRS aufgenommen"
        },
        {
          "date": "2020-10-14T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von HCL aufgenommen"
        },
        {
          "date": "2020-12-07T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Tenable aufgenommen"
        },
        {
          "date": "2020-12-15T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-01-17T23:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von EMC aufgenommen"
        },
        {
          "date": "2021-02-17T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Tenable aufgenommen"
        },
        {
          "date": "2021-03-09T23:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-03-16T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-03-18T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2021-03-25T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2021-04-21T22:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2021-05-16T22:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von BROCADE aufgenommen"
        },
        {
          "date": "2021-05-18T22:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-05-20T22:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von BROCADE aufgenommen"
        },
        {
          "date": "2021-07-18T22:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von HP aufgenommen"
        },
        {
          "date": "2021-08-09T22:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2021-11-09T23:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2021-11-18T23:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2022-02-28T23:00:00.000+00:00",
          "number": "40",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2022-09-08T22:00:00.000+00:00",
          "number": "41",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-09-28T22:00:00.000+00:00",
          "number": "42",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2023-01-05T23:00:00.000+00:00",
          "number": "43",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-03-02T23:00:00.000+00:00",
          "number": "44",
          "summary": "Neue Updates von Tenable aufgenommen"
        },
        {
          "date": "2023-07-25T22:00:00.000+00:00",
          "number": "45",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2023-10-26T22:00:00.000+00:00",
          "number": "46",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-11-02T23:00:00.000+00:00",
          "number": "47",
          "summary": "Neue Updates von moxa aufgenommen"
        },
        {
          "date": "2024-07-11T22:00:00.000+00:00",
          "number": "48",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-12-09T23:00:00.000+00:00",
          "number": "49",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-01-08T23:00:00.000+00:00",
          "number": "50",
          "summary": "Neue Updates von Juniper aufgenommen"
        },
        {
          "date": "2025-01-23T23:00:00.000+00:00",
          "number": "51",
          "summary": "CVE-2020-11023 wird ausgenutzt"
        },
        {
          "date": "2025-01-30T23:00:00.000+00:00",
          "number": "52",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-02-05T23:00:00.000+00:00",
          "number": "53",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-09T23:00:00.000+00:00",
          "number": "54",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-10T23:00:00.000+00:00",
          "number": "55",
          "summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
        },
        {
          "date": "2025-02-11T23:00:00.000+00:00",
          "number": "56",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-12T23:00:00.000+00:00",
          "number": "57",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-02-13T23:00:00.000+00:00",
          "number": "58",
          "summary": "Neue Updates von Oracle Linux und Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2025-02-16T23:00:00.000+00:00",
          "number": "59",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-17T23:00:00.000+00:00",
          "number": "60",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-18T23:00:00.000+00:00",
          "number": "61",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-03-05T23:00:00.000+00:00",
          "number": "62",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-03-10T23:00:00.000+00:00",
          "number": "63",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-03-12T23:00:00.000+00:00",
          "number": "64",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-03-24T23:00:00.000+00:00",
          "number": "65",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-04-10T22:00:00.000+00:00",
          "number": "66",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-04-21T22:00:00.000+00:00",
          "number": "67",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-04-27T22:00:00.000+00:00",
          "number": "68",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-05-14T22:00:00.000+00:00",
          "number": "69",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2025-05-29T22:00:00.000+00:00",
          "number": "70",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "70"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Broadcom Brocade Switch",
            "product": {
              "name": "Broadcom Brocade Switch",
              "product_id": "T015844",
              "product_identification_helper": {
                "cpe": "cpe:/h:brocade:switch:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Broadcom"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c19.4",
                "product": {
                  "name": "EMC NetWorker \u003c19.4",
                  "product_id": "T018107"
                }
              },
              {
                "category": "product_version",
                "name": "19.4",
                "product": {
                  "name": "EMC NetWorker 19.4",
                  "product_id": "T018107-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:emc:networker:19.4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "NetWorker"
          }
        ],
        "category": "vendor",
        "name": "EMC"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "F5 BIG-IP",
            "product": {
              "name": "F5 BIG-IP",
              "product_id": "T001663",
              "product_identification_helper": {
                "cpe": "cpe:/a:f5:big-ip:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "F5"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "HCL BigFix",
            "product": {
              "name": "HCL BigFix",
              "product_id": "T017494",
              "product_identification_helper": {
                "cpe": "cpe:/a:hcltech:bigfix:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HCL"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c9.0.1a",
                "product": {
                  "name": "HPE Fabric OS \u003c9.0.1a",
                  "product_id": "T019354"
                }
              },
              {
                "category": "product_version",
                "name": "9.0.1a",
                "product": {
                  "name": "HPE Fabric OS 9.0.1a",
                  "product_id": "T019354-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:hpe:fabric_os:v9.0.1a"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Fabric OS"
          },
          {
            "category": "product_name",
            "name": "HPE Switch",
            "product": {
              "name": "HPE Switch",
              "product_id": "T005119",
              "product_identification_helper": {
                "cpe": "cpe:/h:hp:switch:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "HPE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM MQ",
            "product": {
              "name": "IBM MQ",
              "product_id": "T021398",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:mq:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "7.6.1.2",
                "product": {
                  "name": "IBM Maximo Asset Management 7.6.1.2",
                  "product_id": "812526",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Maximo Asset Management"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP9",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP9",
                  "product_id": "T036127"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP9",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP9",
                  "product_id": "T036127-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up9"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP11 IF03",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP11 IF03",
                  "product_id": "T041724"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP11 IF03",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP11 IF03",
                  "product_id": "T041724-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up11_if03"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP11 IF04",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP11 IF04",
                  "product_id": "T043169"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP11 IF04",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP11 IF04",
                  "product_id": "T043169-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up11_if04"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.5.0 UP12",
                "product": {
                  "name": "IBM QRadar SIEM \u003c7.5.0 UP12",
                  "product_id": "T043784"
                }
              },
              {
                "category": "product_version",
                "name": "7.5.0 UP12",
                "product": {
                  "name": "IBM QRadar SIEM 7.5.0 UP12",
                  "product_id": "T043784-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up12"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "QRadar SIEM"
          },
          {
            "category": "product_name",
            "name": "IBM Storage Scale",
            "product": {
              "name": "IBM Storage Scale",
              "product_id": "T019402",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:spectrum_scale:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "IP Edition \u003c=4.2.0.15",
                "product": {
                  "name": "IBM Tivoli Network Manager IP Edition \u003c=4.2.0.15",
                  "product_id": "T025750"
                }
              },
              {
                "category": "product_version_range",
                "name": "IP Edition \u003c=4.2.0.15",
                "product": {
                  "name": "IBM Tivoli Network Manager IP Edition \u003c=4.2.0.15",
                  "product_id": "T025750-fixed"
                }
              }
            ],
            "category": "product_name",
            "name": "Tivoli Network Manager"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c24.1R2",
                "product": {
                  "name": "Juniper Junos Space \u003c24.1R2",
                  "product_id": "T040074"
                }
              },
              {
                "category": "product_version",
                "name": "24.1R2",
                "product": {
                  "name": "Juniper Junos Space 24.1R2",
                  "product_id": "T040074-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:juniper:junos_space:24.1r2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Junos Space"
          }
        ],
        "category": "vendor",
        "name": "Juniper"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cPT-G503 v5.3",
                "product": {
                  "name": "Moxa Switch \u003cPT-G503 v5.3",
                  "product_id": "T030907"
                }
              },
              {
                "category": "product_version",
                "name": "PT-G503 v5.3",
                "product": {
                  "name": "Moxa Switch PT-G503 v5.3",
                  "product_id": "T030907-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:moxa:switch:pt-g503_v5.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Switch"
          }
        ],
        "category": "vendor",
        "name": "Moxa"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c3.5.0",
                "product": {
                  "name": "Open Source jQuery \u003c3.5.0",
                  "product_id": "T016413"
                }
              },
              {
                "category": "product_version",
                "name": "3.5.0",
                "product": {
                  "name": "Open Source jQuery 3.5.0",
                  "product_id": "T016413-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:jquery:jquery:3.5.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "jQuery"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "PaloAlto Networks PAN-OS",
            "product": {
              "name": "PaloAlto Networks PAN-OS",
              "product_id": "T012790",
              "product_identification_helper": {
                "cpe": "cpe:/o:paloaltonetworks:pan-os:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "PaloAlto Networks"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Service Interconnect 1",
                "product": {
                  "name": "Red Hat Enterprise Linux Service Interconnect 1",
                  "product_id": "T028472",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:service_interconnect_1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Discovery",
                "product": {
                  "name": "Red Hat Enterprise Linux Discovery",
                  "product_id": "T040951",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:discovery"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Logging \u003c5.9.12",
                "product": {
                  "name": "Red Hat OpenShift Logging \u003c5.9.12",
                  "product_id": "T041594"
                }
              },
              {
                "category": "product_version",
                "name": "Logging 5.9.12",
                "product": {
                  "name": "Red Hat OpenShift Logging 5.9.12",
                  "product_id": "T041594-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:logging__5.9.12"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Logging \u003c5.8.18",
                "product": {
                  "name": "Red Hat OpenShift Logging \u003c5.8.18",
                  "product_id": "T041595"
                }
              },
              {
                "category": "product_version",
                "name": "Logging 5.8.18",
                "product": {
                  "name": "Red Hat OpenShift Logging 5.8.18",
                  "product_id": "T041595-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:logging__5.8.18"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "16.2",
                "product": {
                  "name": "Red Hat OpenStack 16.2",
                  "product_id": "T023999",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openstack:16.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenStack"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SolarWinds Orion",
            "product": {
              "name": "SolarWinds Orion",
              "product_id": "T024734",
              "product_identification_helper": {
                "cpe": "cpe:/a:solarwinds:orion_core_services:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2023.3",
                "product": {
                  "name": "SolarWinds Platform \u003c2023.3",
                  "product_id": "T028897"
                }
              },
              {
                "category": "product_version",
                "name": "2023.3",
                "product": {
                  "name": "SolarWinds Platform 2023.3",
                  "product_id": "T028897-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:solarwinds:orion_platform:2023.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Platform"
          }
        ],
        "category": "vendor",
        "name": "SolarWinds"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Tenable Security Nessus",
                "product": {
                  "name": "Tenable Security Nessus",
                  "product_id": "T016399",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:tenable:nessus:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.5.0",
                "product": {
                  "name": "Tenable Security Nessus \u003c10.5.0",
                  "product_id": "T026604"
                }
              },
              {
                "category": "product_version",
                "name": "10.5.0",
                "product": {
                  "name": "Tenable Security Nessus 10.5.0",
                  "product_id": "T026604-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:tenable:nessus:10.5.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Nessus"
          },
          {
            "category": "product_name",
            "name": "Tenable Security Nessus Network Monitor",
            "product": {
              "name": "Tenable Security Nessus Network Monitor",
              "product_id": "T016632",
              "product_identification_helper": {
                "cpe": "cpe:/a:tenable:nessus_network_monitor:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Tenable Security"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-11022",
      "product_status": {
        "known_affected": [
          "67646",
          "T015844",
          "T016413",
          "T016632",
          "T036127",
          "T004914",
          "T016399",
          "T017494",
          "T012790",
          "T019354",
          "T023999",
          "T043784",
          "T043169",
          "T040074",
          "T026604",
          "T018107",
          "T001663",
          "812526",
          "398363",
          "T040951",
          "T021398",
          "T028472",
          "T041724",
          "T005119",
          "T012167",
          "T032255",
          "T041594",
          "T019402",
          "2951",
          "T002207",
          "T000126",
          "T024734",
          "T028897",
          "T030907",
          "T041595"
        ],
        "last_affected": [
          "T025750"
        ]
      },
      "release_date": "2020-05-03T22:00:00.000+00:00",
      "title": "CVE-2020-11022"
    },
    {
      "cve": "CVE-2020-11023",
      "product_status": {
        "known_affected": [
          "67646",
          "T015844",
          "T016413",
          "T016632",
          "T036127",
          "T004914",
          "T016399",
          "T017494",
          "T012790",
          "T019354",
          "T023999",
          "T043784",
          "T043169",
          "T040074",
          "T026604",
          "T018107",
          "T001663",
          "812526",
          "398363",
          "T040951",
          "T021398",
          "T028472",
          "T041724",
          "T005119",
          "T012167",
          "T032255",
          "T041594",
          "T019402",
          "2951",
          "T002207",
          "T000126",
          "T024734",
          "T028897",
          "T030907",
          "T041595"
        ],
        "last_affected": [
          "T025750"
        ]
      },
      "release_date": "2020-05-03T22:00:00.000+00:00",
      "title": "CVE-2020-11023"
    }
  ]
}

CVE-2020-11022 (GCVE-0-2020-11022)

Vulnerability from cvelistv5 – Published: 2020-04-29 00:00 – Updated: 2026-04-13 13:53

Title

jQuery has a potential XSS vulnerability

Summary

In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Severity ?

6.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/jquery/jquery/security/advisor…	x_refsource_CONFIRM
	https://github.com/maximebf/php-debugbar/issues/447	x_refsource_MISC
	https://github.com/jquery/jquery/commit/1d61fd940…	x_refsource_MISC
	https://github.com/maximebf/php-debugbar/commit/8…	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…	x_refsource_MISC
	https://lists.opensuse.org/opensuse-security-anno…	x_refsource_MISC
	https://lists.opensuse.org/opensuse-security-anno…	x_refsource_MISC
	https://lists.opensuse.org/opensuse-security-anno…	x_refsource_MISC
	https://packetstormsecurity.com/files/162159/jQue…	x_refsource_MISC
	https://security.gentoo.org/glsa/202007-03	x_refsource_MISC
	https://www.debian.org/security/2020/dsa-4693	x_refsource_MISC
	https://www.drupal.org/sa-core-2020-002	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpuApr2021.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpuapr2022.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpujan2021.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpujan2022.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpujul2020.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpujul2021.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpujul2022.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpuoct2020.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC
	https://www.tenable.com/security/tns-2020-10	x_refsource_MISC
	https://www.tenable.com/security/tns-2020-11	x_refsource_MISC
	https://www.tenable.com/security/tns-2021-02	x_refsource_MISC
	https://www.tenable.com/security/tns-2021-10	x_refsource_MISC
	https://blog.jquery.com/2020/04/10/jquery-3-5-0-r…	x_refsource_MISC
	https://github.com/jquery/jquery/releases/tag/3.5.0	x_refsource_MISC
	https://github.com/rubysec/ruby-advisory-db/blob/…	x_refsource_MISC
	https://jquery.com/upgrade-guide/3.5	x_refsource_MISC
	https://lists.apache.org/thread.html/r0483ba00727…	x_refsource_MISC
	https://lists.apache.org/thread.html/r49ce4243b47…	x_refsource_MISC
	https://lists.apache.org/thread.html/r54565a8f025…	x_refsource_MISC
	https://lists.apache.org/thread.html/r564585d97bc…	x_refsource_MISC
	https://lists.apache.org/thread.html/r706cfbc0984…	x_refsource_MISC
	https://lists.apache.org/thread.html/r8f70b0f65d6…	x_refsource_MISC
	https://lists.apache.org/thread.html/rbb448222ba6…	x_refsource_MISC
	https://lists.apache.org/thread.html/rdf44341677c…	x_refsource_MISC
	https://lists.apache.org/thread.html/re4ae96fa5c1…	x_refsource_MISC
	https://lists.apache.org/thread.html/rede9cfaa756…	x_refsource_MISC
	https://lists.apache.org/thread.html/ree3bd8ddb23…	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2021…	x_refsource_MISC
	https://lists.debian.org/debian-lts-announce/2023…	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…	x_refsource_MISC
	http://security.netapp.com/advisory/ntap-20200511-0006	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	jquery	jQuery	Affected: >= 1.12.0, < 3.5.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T11:21:14.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4693",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4693"
          },
          {
            "name": "FEDORA-2020-11be4b36d4",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/"
          },
          {
            "name": "FEDORA-2020-36d2db5f51",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jquery.com/upgrade-guide/3.5/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200511-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.drupal.org/sa-core-2020-002"
          },
          {
            "name": "openSUSE-SU-2020:1060",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"
          },
          {
            "name": "GLSA-202007-03",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202007-03"
          },
          {
            "name": "openSUSE-SU-2020:1106",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"
          },
          {
            "name": "[airflow-commits] 20200820 [GitHub] [airflow] breser opened a new issue #10429: jquery dependency needs to be updated to 3.5.0 or newer",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133%40%3Ccommits.airflow.apache.org%3E"
          },
          {
            "name": "FEDORA-2020-fbb94073a1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/"
          },
          {
            "name": "FEDORA-2020-0b32a59b54",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/"
          },
          {
            "name": "FEDORA-2020-fe94df8c34",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "name": "[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E"
          },
          {
            "name": "openSUSE-SU-2020:1888",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"
          },
          {
            "name": "[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2020-11"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2020-10"
          },
          {
            "name": "[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"
          },
          {
            "name": "[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-02"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "name": "[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "jQuery",
          "vendor": "jquery",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.12.0, \u003c 3.5.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-13T13:53:08.239Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2"
        },
        {
          "name": "https://github.com/maximebf/php-debugbar/issues/447",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/maximebf/php-debugbar/issues/447"
        },
        {
          "name": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77"
        },
        {
          "name": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc"
        },
        {
          "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W"
        },
        {
          "name": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"
        },
        {
          "name": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"
        },
        {
          "name": "https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"
        },
        {
          "name": "https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://packetstormsecurity.com/files/162159/jQuery-1.2-Cross-Site-Scripting.html"
        },
        {
          "name": "https://security.gentoo.org/glsa/202007-03",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.gentoo.org/glsa/202007-03"
        },
        {
          "name": "https://www.debian.org/security/2020/dsa-4693",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4693"
        },
        {
          "name": "https://www.drupal.org/sa-core-2020-002",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.drupal.org/sa-core-2020-002"
        },
        {
          "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "name": "https://www.oracle.com/security-alerts/cpujan2021.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
        },
        {
          "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
        },
        {
          "name": "https://www.oracle.com/security-alerts/cpujul2020.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "name": "https://www.oracle.com/security-alerts/cpujul2021.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2021.html"
        },
        {
          "name": "https://www.oracle.com/security-alerts/cpujul2022.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        },
        {
          "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "name": "https://www.oracle.com/security-alerts/cpuoct2021.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "name": "https://www.tenable.com/security/tns-2020-10",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/security/tns-2020-10"
        },
        {
          "name": "https://www.tenable.com/security/tns-2020-11",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/security/tns-2020-11"
        },
        {
          "name": "https://www.tenable.com/security/tns-2021-02",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/security/tns-2021-02"
        },
        {
          "name": "https://www.tenable.com/security/tns-2021-10",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/security/tns-2021-10"
        },
        {
          "name": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released"
        },
        {
          "name": "https://github.com/jquery/jquery/releases/tag/3.5.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/jquery/jquery/releases/tag/3.5.0"
        },
        {
          "name": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2020-11022.yml"
        },
        {
          "name": "https://jquery.com/upgrade-guide/3.5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jquery.com/upgrade-guide/3.5"
        },
        {
          "name": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E"
        },
        {
          "name": "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E"
        },
        {
          "name": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"
        },
        {
          "name": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
        },
        {
          "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY"
        },
        {
          "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K"
        },
        {
          "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4"
        },
        {
          "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B"
        },
        {
          "name": "http://security.netapp.com/advisory/ntap-20200511-0006",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://security.netapp.com/advisory/ntap-20200511-0006"
        }
      ],
      "source": {
        "advisory": "GHSA-gxr4-xjj5-5px2",
        "discovery": "UNKNOWN"
      },
      "title": "jQuery has a potential XSS vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-11022",
    "datePublished": "2020-04-29T00:00:00.000Z",
    "dateReserved": "2020-03-30T00:00:00.000Z",
    "dateUpdated": "2026-04-13T13:53:08.239Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2020-11023 (GCVE-0-2020-11023)

Vulnerability from cvelistv5 – Published: 2020-04-29 00:00 – Updated: 2025-10-21 23:35

Title

Potential XSS vulnerability in jQuery

Summary

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Severity ?

6.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

GitHub_M

References

URL

Tags

	https://www.debian.org/security/2020/dsa-4693	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://www.oracle.com/security-alerts/cpujul2020.html
	https://jquery.com/upgrade-guide/3.5/
	https://security.netapp.com/advisory/ntap-2020051…
	https://www.drupal.org/sa-core-2020-002
	https://github.com/jquery/jquery/security/advisor…
	https://blog.jquery.com/2020/04/10/jquery-3-5-0-r…
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	https://security.gentoo.org/glsa/202007-03	vendor-advisory
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	https://lists.apache.org/thread.html/r094f4355955…	mailing-list
	https://lists.apache.org/thread.html/rf661a90a15d…	mailing-list
	https://lists.apache.org/thread.html/r9c5fda81e4b…	mailing-list
	https://lists.apache.org/thread.html/ra3c9219fcb0…	mailing-list
	https://lists.apache.org/thread.html/radcb2aa874a…	mailing-list
	https://lists.apache.org/thread.html/rd38b4185a79…	mailing-list
	https://lists.apache.org/thread.html/r6e97b379639…	mailing-list
	https://lists.apache.org/thread.html/rb69b7d8217c…	mailing-list
	https://lists.apache.org/thread.html/r4aadb98086c…	mailing-list
	https://lists.apache.org/thread.html/ra374bb0299b…	mailing-list
	https://lists.apache.org/thread.html/rb25c3bc7418…	mailing-list
	https://lists.apache.org/thread.html/rf1ba79e564f…	mailing-list
	https://lists.apache.org/thread.html/ra32c7103ded…	mailing-list
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.apache.org/thread.html/ra406b3adfcf…	mailing-list
	https://lists.apache.org/thread.html/rab82dd040f3…	mailing-list
	https://lists.apache.org/thread.html/r6c4df3b33e6…	mailing-list
	https://lists.apache.org/thread.html/r1fed19c860a…	mailing-list
	https://lists.apache.org/thread.html/r0593393ca1e…	mailing-list
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.apache.org/thread.html/rda99599896c…	mailing-list
	https://www.oracle.com/security-alerts/cpuoct2020.html
	https://lists.apache.org/thread.html/r706cfbc0984…	mailing-list
	https://lists.apache.org/thread.html/rbb448222ba6…	mailing-list
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisory
	https://lists.apache.org/thread.html/r49ce4243b47…	mailing-list
	https://lists.apache.org/thread.html/r2c85121a474…	mailing-list
	https://lists.apache.org/thread.html/r4dba67be323…	mailing-list
	https://lists.apache.org/thread.html/r3702ede0ff8…	mailing-list
	https://lists.apache.org/thread.html/r07ab379471f…	mailing-list
	https://lists.apache.org/thread.html/r9e0bd31b7da…	mailing-list
	https://lists.apache.org/thread.html/rf0f89395960…	mailing-list
	https://lists.apache.org/thread.html/r9006ad2abf8…	mailing-list
	https://lists.apache.org/thread.html/r55f5e066cc7…	mailing-list
	https://www.oracle.com/security-alerts/cpujan2021.html
	https://lists.apache.org/thread.html/r8f70b0f65d6…	mailing-list
	https://lists.apache.org/thread.html/r564585d97bc…	mailing-list
	https://lists.debian.org/debian-lts-announce/2021…	mailing-list
	https://lists.apache.org/thread.html/ree3bd8ddb23…	mailing-list
	https://lists.apache.org/thread.html/rede9cfaa756…	mailing-list
	https://lists.apache.org/thread.html/r54565a8f025…	mailing-list
	https://lists.apache.org/thread.html/re4ae96fa5c1…	mailing-list
	https://www.oracle.com/security-alerts/cpuApr2021.html
	https://www.tenable.com/security/tns-2021-10
	https://www.tenable.com/security/tns-2021-02
	http://packetstormsecurity.com/files/162160/jQuer…
	https://www.oracle.com//security-alerts/cpujul2021.html
	https://www.oracle.com/security-alerts/cpuoct2021.html
	https://lists.apache.org/thread.html/r0483ba00727…	mailing-list
	https://www.oracle.com/security-alerts/cpujan2022.html
	https://www.oracle.com/security-alerts/cpuapr2022.html
	https://www.oracle.com/security-alerts/cpujul2022.html
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list

Impacted products

	Vendor	Product	Version
	jquery	jQuery	Affected: >= 1.0.3, < 3.5.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-23T21:07:47.681Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://github.com/github/advisory-database/blob/99afa6fdeaf5d1d23e1021ff915a5e5dbc82c1f1/advisories/github-reviewed/2020/04/GHSA-jpcq-cgw6-v4j6/GHSA-jpcq-cgw6-v4j6.json#L20-L37"
          },
          {
            "name": "DSA-4693",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4693"
          },
          {
            "name": "FEDORA-2020-36d2db5f51",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jquery.com/upgrade-guide/3.5/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200511-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.drupal.org/sa-core-2020-002"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released"
          },
          {
            "name": "openSUSE-SU-2020:1060",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"
          },
          {
            "name": "GLSA-202007-03",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202007-03"
          },
          {
            "name": "openSUSE-SU-2020:1106",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"
          },
          {
            "name": "[hive-issues] 20200813 [jira] [Assigned] (HIVE-24039) update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E"
          },
          {
            "name": "[hive-dev] 20200813 [jira] [Created] (HIVE-24039) update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E"
          },
          {
            "name": "[hive-issues] 20200813 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E"
          },
          {
            "name": "[hive-gitbox] 20200813 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E"
          },
          {
            "name": "[hive-issues] 20200902 [jira] [Work started] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E"
          },
          {
            "name": "[hive-issues] 20200902 [jira] [Commented] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E"
          },
          {
            "name": "[hive-issues] 20200902 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E"
          },
          {
            "name": "[hive-issues] 20200902 [jira] [Comment Edited] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E"
          },
          {
            "name": "[hive-issues] 20200904 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E"
          },
          {
            "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E"
          },
          {
            "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E"
          },
          {
            "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E"
          },
          {
            "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E"
          },
          {
            "name": "FEDORA-2020-fbb94073a1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/"
          },
          {
            "name": "FEDORA-2020-0b32a59b54",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/"
          },
          {
            "name": "[hive-issues] 20200915 [jira] [Resolved] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E"
          },
          {
            "name": "[hive-commits] 20200915 [hive] branch master updated: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023 (#1403)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E"
          },
          {
            "name": "[hive-issues] 20200915 [jira] [Work logged] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E"
          },
          {
            "name": "[hive-gitbox] 20200915 [GitHub] [hive] kgyrtkirk merged pull request #1403: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E"
          },
          {
            "name": "[hive-issues] 20200915 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E"
          },
          {
            "name": "FEDORA-2020-fe94df8c34",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/"
          },
          {
            "name": "[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "name": "[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E"
          },
          {
            "name": "openSUSE-SU-2020:1888",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"
          },
          {
            "name": "[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[felix-dev] 20201208 [jira] [Created] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E"
          },
          {
            "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E"
          },
          {
            "name": "[felix-dev] 20201208 [GitHub] [felix-dev] cziegeler merged pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E"
          },
          {
            "name": "[felix-dev] 20201208 [GitHub] [felix-dev] abhishekgarg18 opened a new pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E"
          },
          {
            "name": "[felix-dev] 20201208 [jira] [Commented] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E"
          },
          {
            "name": "[felix-dev] 20201208 [jira] [Assigned] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E"
          },
          {
            "name": "[felix-commits] 20201208 [felix-dev] branch master updated: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023 (#64)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E"
          },
          {
            "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.5.0 is vulnerable to CVE-2020-11023",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
          },
          {
            "name": "[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"
          },
          {
            "name": "[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E"
          },
          {
            "name": "[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/tns-2021-02"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "name": "[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
          },
          {
            "name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-11023",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-23T18:07:17.892570Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2025-01-23",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:35:45.230Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-11023"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2025-01-23T00:00:00.000Z",
            "value": "CVE-2020-11023 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "jQuery",
          "vendor": "jquery",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.0.3, \u003c 3.5.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing \u003coption\u003e elements from untrusted sources - even after sanitizing it - to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-31T02:06:42.262Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "DSA-4693",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4693"
        },
        {
          "name": "FEDORA-2020-36d2db5f51",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
        },
        {
          "url": "https://jquery.com/upgrade-guide/3.5/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20200511-0006/"
        },
        {
          "url": "https://www.drupal.org/sa-core-2020-002"
        },
        {
          "url": "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6"
        },
        {
          "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released"
        },
        {
          "name": "openSUSE-SU-2020:1060",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html"
        },
        {
          "name": "GLSA-202007-03",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202007-03"
        },
        {
          "name": "openSUSE-SU-2020:1106",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html"
        },
        {
          "name": "[hive-issues] 20200813 [jira] [Assigned] (HIVE-24039) update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec%40%3Cissues.hive.apache.org%3E"
        },
        {
          "name": "[hive-dev] 20200813 [jira] [Created] (HIVE-24039) update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248%40%3Cdev.hive.apache.org%3E"
        },
        {
          "name": "[hive-issues] 20200813 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15%40%3Cissues.hive.apache.org%3E"
        },
        {
          "name": "[hive-gitbox] 20200813 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c%40%3Cgitbox.hive.apache.org%3E"
        },
        {
          "name": "[hive-issues] 20200902 [jira] [Work started] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea%40%3Cissues.hive.apache.org%3E"
        },
        {
          "name": "[hive-issues] 20200902 [jira] [Commented] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9%40%3Cissues.hive.apache.org%3E"
        },
        {
          "name": "[hive-issues] 20200902 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49%40%3Cissues.hive.apache.org%3E"
        },
        {
          "name": "[hive-issues] 20200902 [jira] [Comment Edited] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7%40%3Cissues.hive.apache.org%3E"
        },
        {
          "name": "[hive-issues] 20200904 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5%40%3Cissues.hive.apache.org%3E"
        },
        {
          "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72%40%3Cgitbox.hive.apache.org%3E"
        },
        {
          "name": "[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61%40%3Cgitbox.hive.apache.org%3E"
        },
        {
          "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93%40%3Cgitbox.hive.apache.org%3E"
        },
        {
          "name": "[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac%40%3Cgitbox.hive.apache.org%3E"
        },
        {
          "name": "FEDORA-2020-fbb94073a1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/"
        },
        {
          "name": "FEDORA-2020-0b32a59b54",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/"
        },
        {
          "name": "[hive-issues] 20200915 [jira] [Resolved] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6%40%3Cissues.hive.apache.org%3E"
        },
        {
          "name": "[hive-commits] 20200915 [hive] branch master updated: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023 (#1403)",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9%40%3Ccommits.hive.apache.org%3E"
        },
        {
          "name": "[hive-issues] 20200915 [jira] [Work logged] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1%40%3Cissues.hive.apache.org%3E"
        },
        {
          "name": "[hive-gitbox] 20200915 [GitHub] [hive] kgyrtkirk merged pull request #1403: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c%40%3Cgitbox.hive.apache.org%3E"
        },
        {
          "name": "[hive-issues] 20200915 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb%40%3Cissues.hive.apache.org%3E"
        },
        {
          "name": "FEDORA-2020-fe94df8c34",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/"
        },
        {
          "name": "[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679%40%3Ccommits.nifi.apache.org%3E"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "name": "[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d%40%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67%40%3Cdev.flink.apache.org%3E"
        },
        {
          "name": "openSUSE-SU-2020:1888",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html"
        },
        {
          "name": "[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48%40%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "[felix-dev] 20201208 [jira] [Created] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330%40%3Cdev.felix.apache.org%3E"
        },
        {
          "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16%40%3Cdev.felix.apache.org%3E"
        },
        {
          "name": "[felix-dev] 20201208 [GitHub] [felix-dev] cziegeler merged pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef%40%3Cdev.felix.apache.org%3E"
        },
        {
          "name": "[felix-dev] 20201208 [GitHub] [felix-dev] abhishekgarg18 opened a new pull request #64: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6%40%3Cdev.felix.apache.org%3E"
        },
        {
          "name": "[felix-dev] 20201208 [jira] [Commented] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e%40%3Cdev.felix.apache.org%3E"
        },
        {
          "name": "[felix-dev] 20201208 [jira] [Assigned] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817%40%3Cdev.felix.apache.org%3E"
        },
        {
          "name": "[felix-commits] 20201208 [felix-dev] branch master updated: FELIX-6366 1.0.3 \u003c jQuery \u003c3.4.0 is vulnerable to CVE-2020-11023 (#64)",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c%40%3Ccommits.felix.apache.org%3E"
        },
        {
          "name": "[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 \u003c jQuery \u003c3.5.0 is vulnerable to CVE-2020-11023",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494%40%3Cdev.felix.apache.org%3E"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
        },
        {
          "name": "[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c%40%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760%40%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html"
        },
        {
          "name": "[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2%40%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4%40%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae%40%3Cissues.flink.apache.org%3E"
        },
        {
          "name": "[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108%40%3Cissues.flink.apache.org%3E"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-10"
        },
        {
          "url": "https://www.tenable.com/security/tns-2021-02"
        },
        {
          "url": "http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html"
        },
        {
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
        },
        {
          "name": "[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36%40%3Cissues.flink.apache.org%3E"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
        },
        {
          "name": "[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html"
        }
      ],
      "source": {
        "advisory": "GHSA-jpcq-cgw6-v4j6",
        "discovery": "UNKNOWN"
      },
      "title": "Potential XSS vulnerability in jQuery"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-11023",
    "datePublished": "2020-04-29T00:00:00.000Z",
    "dateReserved": "2020-03-30T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:35:45.230Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2022-1347

CVE-2020-11022 (GCVE-0-2020-11022)

CVE-2020-11023 (GCVE-0-2020-11023)

Tags

Sightings

Nomenclature