Lucene search
Ubuntu.comUB:CVE-2015-9251HistoryJan 18, 2018 - 12:00 a.m.
CVE-2015-9251
2018-01-1800:00:00
ubuntu.com
ubuntu.com
82
0.007 Low
EPSS
Percentile
79.6%
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks
when a cross-domain Ajax request is performed without the dataType option,
causing text/javascript responses to be executed.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | fix is intrusive and backwards-incompatible, see bug 3011 Due to this, we will not be fixing this issue in Ubuntu stable releases. Marking as ignored. |
References
github.com/jquery/jquery/pull/2588
github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2
launchpad.net/bugs/cve/CVE-2015-9251
nvd.nist.gov/vuln/detail/CVE-2015-9251
security-tracker.debian.org/tracker/CVE-2015-9251
snyk.io/vuln/npm:jquery:20150627
www.cve.org/CVERecord?id=CVE-2015-9251
Related
cvelist
cvelist
CVE-2015-9251
2018-01-18 23:00:00
openvas
openvas
jQuery < 3.0.0 XSS Vulnerability
2018-11-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0737-1)
2021-04-19 00:00:00
ibm
ibm
f5
f5
K29562170 : jQuery vulnerability CVE-2015-9251
2020-02-19 00:00:00
ics
ics
AVEVA InTouch Access Anywhere
2018-07-31 12:00:00
Philips Vue PACS (Update C)
2023-02-21 12:00:00
Pepperl+Fuchs WirelessHART-Gateway
2022-04-07 12:00:00
attackerkb
attackerkb
CVE-2015-9251
2018-01-18 00:00:00
cloudfoundry
cloudfoundry
CVE-2015-9251: UAA contains vulnerable jQuery version | Cloud Foundry
2019-07-08 00:00:00
cve
cve
CVE-2015-9251
2018-01-18 23:29:00
CVE-2017-16012
2018-06-04 19:29:00
debiancve
debiancve
CVE-2015-9251
2018-01-18 23:29:00
prion
prion
Cross site scripting
2018-01-18 23:29:00
github
github
Cross-Site Scripting (XSS) in jquery
2018-01-22 13:32:06
alpinelinux
alpinelinux
CVE-2015-9251
2018-01-18 23:29:00
CVE-2017-16012
2018-06-04 19:29:00
osv
osv
CVE-2015-9251
2018-01-18 23:29:00
Cross-Site Scripting (XSS) in jquery
2018-01-22 13:32:06
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update
2020-11-03 12:25:36
freebsd
freebsd
rt -- XSS via jQuery
2019-03-05 00:00:00
RDoc -- multiple jQuery vulnerabilities
2019-08-28 00:00:00
nessus
nessus
FreeBSD : rt -- XSS via jQuery (416ca0f4-3fe0-11e9-bbdd-6805ca0b3d42)
2019-03-07 00:00:00
JQuery < 3.0.0 XSS
2019-05-15 00:00:00
hackerone
hackerone
Ruby: Ruby is shipping a vulnerable jQuery
2019-03-30 14:10:34
atlassian
atlassian
Jira uses vulnerable jQuery version CVE-2015-9251
2020-04-20 13:29:57
The jQuery version used in JIRA needs to be updated
2015-05-18 09:31:54
Update jQuery to avoid CVE-2020-11022, CVE-2020-11023, and CVE-2015-9251
2021-02-16 18:28:38
laminas
laminas
XSS and RCE vectors in laminas-api-tools/api-tools-documentation-swagger
2020-04-01 21:30:00
XSS vectors in laminas-api-tools/api-tools
2020-04-01 21:30:00
fortinet
fortinet
Protect
2019-04-10 00:00:00
archlinux
archlinux
[ASA-201910-4] ruby-rdoc: cross-site scripting
2019-10-02 00:00:00
[ASA-201910-5] ruby2.5: multiple issues
2019-10-02 00:00:00
redhat
redhat
suse
suse
Recommended update for ruby2.5 (important)
2020-03-28 00:00:00
amazon
amazon
Important: ruby24
2020-08-26 23:09:00
Medium: ipa
2020-10-22 17:40:00
oraclelinux
oraclelinux
ipa security, bug fix, and enhancement update
2020-10-06 00:00:00
idm:DL1 and idm:client security, bug fix, and enhancement update
2020-11-10 00:00:00
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-11-10 00:00:00
rocky
rocky
idm:DL1 and idm:client security, bug fix, and enhancement update
2020-11-03 12:25:36
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
2020-11-03 12:29:58
centos
centos
ipa, python2 security update
2020-10-20 18:15:27
almalinux
almalinux
thn
thn
Critical Flaws Reported in Philips Vue PACS Medical Imaging Systems
2021-07-09 07:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2019
2020-01-22 00:00:00
Oracle Critical Patch Update Advisory - January 2019
2019-01-15 00:00:00
Oracle Critical Patch Update - October 2018
2018-12-18 00:00:00