Description
Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.
Remediation
References
Related Vulnerabilities
WordPress Plugin Animal Captcha Cross-Site Scripting (1.6.2)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-14540)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-15901)
WordPress Plugin Google Drive for WordPress Arbitrary File Deletion (2.2)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-14830)