Description
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Remediation
References
Related Vulnerabilities
WordPress Plugin Church Admin Arbitrary File Upload (4.4.6)
WordPress Plugin Event Notifier Cross-Site Scripting (1.2.0)
MediaWiki Improper Input Validation Vulnerability (CVE-2011-1580)
WordPress Plugin WPGlobus-Multilingual Everything! Multiple Vulnerabilities (1.9.6)
Python Uncontrolled Search Path Element Vulnerability (CVE-2017-20052)