Description
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Remediation
References
Related Vulnerabilities
WordPress Plugin Calendar Event Multi View Unspecified Vulnerability (1.3.58)
Oracle Database Server CVE-2015-2629 Vulnerability (CVE-2015-2629)
Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2014-7143)
WordPress Plugin Advanced Shipment Tracking for WooCommerce Security Bypass (3.2.6)
WordPress Plugin Appointments Scheduler Cross-Site Scripting (1.5)