Path to vulnerable library: /impresscms/htdocs/libraries/phpmailer/vendor/phpdocumentor/phpdocumentor/data/templates/abstract/js/jquery-1.4.2.min.js,/impresscms/htdocs/libraries/phpmailer/vendor/phpdocumentor/phpdocumentor/data/templates/old-ocean/js/jquery-1.4.2.min.js,/impresscms/htdocs/libraries/phpmailer/vendor/phpdocumentor/phpdocumentor/data/templates/responsive/js/jquery-1.4.2.min.js
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
CVE-2011-4969 - Medium Severity Vulnerability
Vulnerable Library - jquery-1.4.2.min.js
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.2/jquery.min.js
Path to vulnerable library: /impresscms/htdocs/libraries/phpmailer/vendor/phpdocumentor/phpdocumentor/data/templates/abstract/js/jquery-1.4.2.min.js,/impresscms/htdocs/libraries/phpmailer/vendor/phpdocumentor/phpdocumentor/data/templates/old-ocean/js/jquery-1.4.2.min.js,/impresscms/htdocs/libraries/phpmailer/vendor/phpdocumentor/phpdocumentor/data/templates/responsive/js/jquery-1.4.2.min.js
Dependency Hierarchy: - :x: **jquery-1.4.2.min.js** (Vulnerable Library)
Found in HEAD commit: 52ca963c2c62a930b5d996a4e8b03c955feede32
Vulnerability Details
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
Publish Date: 2013-03-08
URL: CVE-2011-4969
CVSS 2 Score Details (4.3)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2011-4969
Release Date: 2013-03-08
Fix Resolution: 1.6.3
Step up your Open Source Security Game with WhiteSource here