Description

Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.

Remediation

References

CVE-2016-7103

Related Vulnerabilities

WordPress Plugin WordPress File Upload Directory Traversal (4.12.2)

Apache Traffic Server Resource Management Errors Vulnerability (CVE-2016-5396)

WordPress Plugin Backup Migration Arbitrary File Download (1.3.6)

WordPress Plugin Search Engine Unspecified Vulnerability (0.5.8)

WordPress Plugin WPMovieLibrary Multiple Cross-Site Scripting Vulnerabilities (2.1.4.1)

Severity

Medium

Classification

CVE-2016-7103 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities