CVE-2018-18405

** DISPUTED ** jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be spam entry.
Configurations

Configuration 1 (hide)

cpe:2.3:a:jquery:jquery:2.2.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-04-22 18:15

Updated : 2024-08-05 11:15


NVD link : CVE-2018-18405

Mitre link : CVE-2018-18405

CVE.ORG link : CVE-2018-18405


JSON object : View

Products Affected

jquery

  • jquery
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')