Description
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Remediation
References
Related Vulnerabilities
PostgreSQL Cryptographic Issues Vulnerability (CVE-2012-2143)
WordPress Plugin All Video Gallery 'vid' Parameter Multiple SQL Injection Vulnerabilities (1.1)
Drupal Other Vulnerability (CVE-2006-2831)
PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-19355)
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-14641)