N/A

Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the window.addEventListener component. NOTE: this is disputed by the Supplier because it cannot be reproduced, and because the exploitation example does not indicate whether, or how, the example website is using jQuery UI.

N/A

N/A

jQuery UI 安全漏洞

jQuery UI是jQuery开源的一个基于 jQuery 构建的一组精心策划的用户界面交互、效果、小部件和主题。 jQuery UI v.1.13.1版本存在安全漏洞，该漏洞源于存在跨站脚本漏洞，允许远程攻击者通过发送特制的有效载荷来获取敏感信息并执行任意代码。

N/A

N/A