Description

Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

Remediation

References

CVE-2010-5312

Related Vulnerabilities

WordPress Plugin UserPro-Community and User Profile Multiple Vulnerabilities (5.1.1)

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3738)

WordPress Plugin Sitewide Notice WP Cross-Site Scripting (2.2)

Oracle HTTP Server Other Vulnerability (CVE-2020-35166)

WordPress 5.7.x PHP Object Injection (5.7 - 5.7.1)

Severity

Medium

Classification

CVE-2010-5312 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities