Description

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

Remediation

References

CVE-2010-5312

Related Vulnerabilities

WordPress Plugin Invit0r 'ofc_upload_image.php' Arbitrary File Upload (0.22)

ownCloud Improper Input Validation Vulnerability (CVE-2012-5336)

Oracle Database Server CVE-2009-1964 Vulnerability (CVE-2009-1964)

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8656)

WordPress Plugin WP-Optimize Multiple Vulnerabilities (1.8.9.9)

Severity

Medium

Classification

CVE-2010-5312 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities