CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
Percentile
72.8%
jQuery-UI is the official jQuery user interface library. Prior to version
1.13.0, accepting the value of various *Text
options of the Datepicker
widget from untrusted sources may execute untrusted code. The issue is
fixed in jQuery UI 1.13.0. The values passed to various *Text
options are
now always treated as pure text, not HTML. A workaround is to not accept
the value of the *Text
options from untrusted sources.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | jqueryui | < 1.12.1+dfsg-5ubuntu0.18.04.1~esm3 | UNKNOWN |
ubuntu | 20.04 | noarch | jqueryui | < 1.12.1+dfsg-5ubuntu0.20.04.1 | UNKNOWN |
ubuntu | 14.04 | noarch | jqueryui | < 1.10.1+dfsg-1ubuntu0.14.04.1~esm1 | UNKNOWN |
ubuntu | 16.04 | noarch | jqueryui | < 1.10.1+dfsg-1ubuntu0.16.04.1~esm1 | UNKNOWN |
blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/
bugs.jqueryui.com/ticket/15284
github.com/jquery/jquery-ui/pull/1953
github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4
launchpad.net/bugs/cve/CVE-2021-41183
nvd.nist.gov/vuln/detail/CVE-2021-41183
security-tracker.debian.org/tracker/CVE-2021-41183
ubuntu.com/security/notices/USN-6419-1
www.cve.org/CVERecord?id=CVE-2021-41183
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
Percentile
72.8%