DERO: Secure, Anonymous Blockchain with Smart Contracts. Subscribe to Dero announcements by sending mail to lists@dero.io with subject: subscribe announcements
28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331
1
medium
28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331
1
jquery
3.2.1
Found in https://wallet.dero.io/static/deps/jquery-3.2.1.js _____Vulnerability info:mediumCVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution123mediumCVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS1mediumCVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS1
medium
CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
123
medium
CVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
1
medium
CVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
1
medium
CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution
123
medium
CVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
1
medium
CVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
According to retire.js:
`