Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
References
Link | Resource |
---|---|
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ | Release Notes |
https://security.netapp.com/advisory/ntap-20230725-0003/ | Third Party Advisory |
https://snyk.io/vuln/SNYK-JS-JQUERY-565129 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
01 Apr 2024, 15:43
Type | Values Removed | Values Added |
---|---|---|
References | () https://security.netapp.com/advisory/ntap-20230725-0003/ - Third Party Advisory | |
First Time |
Netapp
Netapp cloud Backup Netapp virtual Desktop Service Netapp active Iq Unified Manager Netapp management Services For Element Software And Netapp Hci Netapp brocade San Navigator |
|
CPE | cpe:2.3:a:netapp:brocade_san_navigator:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:virtual_desktop_service:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:* |
25 Jul 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Jul 2023, 01:38
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-26 19:15
Updated : 2024-04-01 15:43
NVD link : CVE-2020-23064
Mitre link : CVE-2020-23064
CVE.ORG link : CVE-2020-23064
JSON object : View
Products Affected
netapp
- cloud_backup
- active_iq_unified_manager
- brocade_san_navigator
- management_services_for_element_software_and_netapp_hci
- virtual_desktop_service
jquery
- jquery
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')