npm

Severity: high

Cross-Site Scripting

jquery

Overview

Affected versions of jquery are vulnerable to cross-site scripting. This occurs because the main jquery function uses a regular expression to differentiate between HTML and selectors, but does not properly anchor the regular expression. The result is that jquery may interpret HTML as selectors when given certain inputs, allowing for client side code execution.

Proof of Concept

$("#log").html(
    $("element[attribute='<img src=\"x\" onerror=\"alert(1)\" />']").html()
);

Remediation

Update to version 1.9.0 or later.

Have content suggestions? Send them to [email protected]

Advisory timeline

  1. published

    Advisory published
    Mar 21st, 2017
  2. reported

    Initial report by Richard Gibson
    Mar 20th, 2017