Closed mend-bolt-for-github[bot] closed 2 years ago
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.4/jquery.min.js
Path to dependency file: angular-material-rail-drawer-plugin/node_modules/selenium-webdriver/lib/test/data/droppableItems.html
Path to vulnerable library: angular-material-rail-drawer-plugin/node_modules/selenium-webdriver/lib/test/data/js/jquery-1.4.4.min.js
Dependency Hierarchy: - :x: **jquery-1.4.4.min.js** (Vulnerable Library)
Found in HEAD commit: e2a635ee3b3d0a5deb8a12c693a1948003799ec6
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
Publish Date: 2013-03-08
URL: CVE-2011-4969
Base Score Metrics not available
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2011-4969
Release Date: 2013-03-08
Fix Resolution: 1.6.3
Step up your Open Source Security Game with WhiteSource here
CVE-2011-4969 - Medium Severity Vulnerability
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.4/jquery.min.js
Path to dependency file: angular-material-rail-drawer-plugin/node_modules/selenium-webdriver/lib/test/data/droppableItems.html
Path to vulnerable library: angular-material-rail-drawer-plugin/node_modules/selenium-webdriver/lib/test/data/js/jquery-1.4.4.min.js
Dependency Hierarchy: - :x: **jquery-1.4.4.min.js** (Vulnerable Library)
Found in HEAD commit: e2a635ee3b3d0a5deb8a12c693a1948003799ec6
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
Publish Date: 2013-03-08
URL: CVE-2011-4969
Base Score Metrics not available
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2011-4969
Release Date: 2013-03-08
Fix Resolution: 1.6.3
Step up your Open Source Security Game with WhiteSource here