ByteOS Network

NVD Vulnerability Details :

CVE-2018-18405

Modified

Source-cve@mitre.org

Published At-22 Apr, 2020 | 18:15

Updated At-05 Aug, 2024 | 11:15

jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be spam entry

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Type	Version	Base score	Base severity	Vector
Primary	3.1	6.1	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N

Type: Primary

Version: 3.1

Base score: 6.1

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Type: Primary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:N/I:P/A:N

>>jquery>>2.2.2

CWE ID	Type	Source
CWE-79	Primary	nvd@nist.gov

CWE ID: CWE-79

Type: Primary

Source: nvd@nist.gov

Hyperlink	Source	Resource
https://gist.github.com/CyberSecurityUP/26c5b032897630fe8407da4a8ef216d4	cve@mitre.org	N/A
https://gitter.im/jquery/jquery?at=5ea844a05cd4fe50a3d7ddc9	cve@mitre.org	N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/	cve@mitre.org	N/A
https://twitter.com/DanielRufde/status/1255185961866145792	cve@mitre.org	N/A