synopsys-sig / synopsys-action

Synopsys Action consuming Synopsys scanning tools
Apache License 2.0

Blackduck: Automated PR: Update jquery/2.2.4 to 3.7.1 #268

Open github-actions[bot] opened 3 days ago

github-actions[bot] commented 3 days ago

Vulnerabilities associated with jquery/2.2.4

BDSA-2014-0063 (HIGH): jQuery is vulnerable to cross-site scripting (XSS) due to lack of validation of user-supplied input. This could allow an attacker to inject arbitrary web scripts and steal a victim's session cookies.

BDSA-2017-2930 (HIGH): jQuery is vulnerable to cross-site scripting (XSS) due to the way it processes certain types of Ajax requests. This can allow potential attackers to execute arbitrary code on the target system.

BDSA-2019-1138 (HIGH): An improper input validation vulnerability has been discovered in jQuery. An attacker could exploit this vulnerability to execute cross-site scripting (XSS) attacks, trigger a denial-of-service (DoS) condition, or gain unauthorized access to the application.

BDSA-2020-0686 (HIGH): It was discovered that jQuery could allow for cross-site scripting (XSS) vulnerabilities to be introduced if the jQuery.htmlPrefilter method is used. Attackers could exploit XSS vulnerabilities to execute JavaScript code in a target's browser by tricking them into accessing the vulnerable page. This would allow an attacker to steal an administrator's session tokens or execute arbitrary code on their behalf by sending the link to an unsuspecting user or waiting for them to discover it.

BDSA-2020-0964 (HIGH): It was discovered that jQuery could allow for cross-site scripting (XSS) vulnerabilities to be introduced if certain HTML is passed to Document Object Model (DOM) manipulation methods. Attackers could exploit XSS vulnerabilities to execute JavaScript code in a target browser by tricking them into accessing the vulnerable page. This would allow an attacker to steal an administrator's session tokens or execute arbitrary code on their behalf by sending the link to an unsuspecting user or waiting for them to discover it.
