Description

Cross Site Scripting (XSS) vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function _fnCreateCookie. NOTE: 1.9.2 is a version from 2012.

Remediation

References

CVE-2021-36713

Related Vulnerabilities

WordPress Plugin WP Ultimate Email Marketer Multiple Vulnerabilities (1.1.0)

Open Resty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)

WordPress Plugin Reviews Plus Denial of Service (1.2.13)

Grafana URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29170)

WordPress Plugin Display Posts Shortcode Unspecified Vulnerability (1.9)

Severity

Medium

Classification

CVE-2021-36713 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities