In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery’s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

OSVersionArchitecturePackageVersionFilename
Alpineedge-communitynoarchcacti< 1.2.13-r0UNKNOWN
Alpineedge-communitynoarchdrupal7< 7.70-r0UNKNOWN
Alpine3.11-communitynoarchdrupal7< 7.70-r0UNKNOWN
Alpine3.12-communitynoarchdrupal7< 7.70-r0UNKNOWN
Alpine3.13-communitynoarchcacti< 1.2.13-r0UNKNOWN
Alpine3.13-communitynoarchdrupal7< 7.70-r0UNKNOWN
Alpine3.14-communitynoarchcacti< 1.2.13-r0UNKNOWN
Alpine3.14-communitynoarchdrupal7< 7.70-r0UNKNOWN
Alpine3.15-communitynoarchcacti< 1.2.13-r0UNKNOWN
Alpine3.15-communitynoarchdrupal7< 7.70-r0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-community	noarch	cacti	< 1.2.13-r0	UNKNOWN
Alpine	edge-community	noarch	drupal7	< 7.70-r0	UNKNOWN
Alpine	3.11-community	noarch	drupal7	< 7.70-r0	UNKNOWN
Alpine	3.12-community	noarch	drupal7	< 7.70-r0	UNKNOWN
Alpine	3.13-community	noarch	cacti	< 1.2.13-r0	UNKNOWN
Alpine	3.13-community	noarch	drupal7	< 7.70-r0	UNKNOWN
Alpine	3.14-community	noarch	cacti	< 1.2.13-r0	UNKNOWN
Alpine	3.14-community	noarch	drupal7	< 7.70-r0	UNKNOWN
Alpine	3.15-community	noarch	cacti	< 1.2.13-r0	UNKNOWN
Alpine	3.15-community	noarch	drupal7	< 7.70-r0	UNKNOWN

Rows per page:

1-10 of 181

nodejs 1

nessus 56

veracode 1

packetstorm 1

githubexploit 3

openvas 21

cve 1

prion 1

osv 9

redhat 10

redhatcve 1

debiancve 1

f5 1

ubuntucve 1

cvelist 1

zdt 1

hackerone 1

ibm 46

github 3

exploitdb 1

suse 3

attackerkb 2

hp 2

fedora 7

atlassian 5

joomla 1

checkpoint_advisories 1

oraclelinux 3

debian 2

drupal 1

ics 2

typo3 1

gentoo 1

altlinux 1

freebsd 1

adobe 1

centos 1

almalinux 1

rocky 1

amazon 1

nodejs

Cross-Site Scripting

2020-04-30 18:19:09

nessus

F5 Networks BIG-IP : jQuery vulnerability (K02453220)

2023-11-02 00:00:00

RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2020:2217)

2020-06-01 00:00:00

Oracle JDeveloper XSS (October 2020 CPU)

2020-11-02 00:00:00

veracode

Cross-Site Scripting (XSS)

2020-04-30 01:59:55

packetstorm

jQuery 1.2 Cross Site Scripting

2021-04-14 00:00:00

githubexploit

Exploit for Cross-site Scripting in Jquery

2020-11-02 20:55:10

Exploit for Cross-site Scripting in Jquery

2021-10-16 01:10:33

Exploit for Cross-site Scripting in Jquery

2020-04-14 19:12:01

openvas

jQuery 1.2 < 3.5.0 XSS Vulnerability

2020-05-05 00:00:00

Tenable Nessus < 8.13.0 XSS Vulnerability (TNS-2020-10)

2023-05-17 00:00:00

openSUSE: Security Advisory for otrs (openSUSE-SU-2020:1888-1)

2020-11-10 00:00:00

cve

CVE-2020-11022

2020-04-29 22:15:00

prion

Code injection

2020-04-29 22:15:00

osv

Use of insecure jQuery version in OctoberCMS

2020-06-05 19:37:49

BIT-drupal-2020-11022

2024-03-06 10:59:15

CVE-2020-11022

2020-04-29 22:15:11

redhat

(RHSA-2020:2217) Moderate: OpenShift Container Platform 3.11 security update

2020-05-28 11:08:25

(RHSA-2020:4211) Moderate: Red Hat AMQ Interconnect 1.9.0 release and security update

2020-10-08 06:44:00

(RHSA-2020:3807) Moderate: Red Hat Virtualization security, bug fix, and enhancement update

2020-09-23 15:54:23

redhatcve

CVE-2020-11022

2020-04-29 23:09:52

debiancve

CVE-2020-11022

2020-04-29 22:15:00

K02453220 : jQuery vulnerability CVE-2020-11022

2020-08-03 00:00:00

ubuntucve

CVE-2020-11022

2020-04-29 00:00:00

cvelist

CVE-2020-11022 Potential XSS vulnerability in jQuery

2020-04-29 00:00:00

zdt

jQuery 1.2 - Cross-Site Scripting Vulnerability

2021-04-14 00:00:00

hackerone

Reddit: CVE-2020-11022

2022-12-20 17:19:58

ibm

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cross-site scripting in jQuery (CVE-2020-11022).

2023-01-12 21:59:00

Security Bulletin: IBM Aspera Webapps are vulnerable to cross-site scripting (CVE-2020-11022, CVE-2020-11023).

2021-09-17 18:19:25

Security Bulletin: Steps to update DataQuant Wrokstation ans DataQuant WebSphere plugins.

2020-10-07 21:15:08

github

Use of insecure jQuery version in OctoberCMS

2020-06-05 19:37:49

Potential XSS vulnerability in jQuery

2020-04-29 22:18:55

Persistent Cross-site Scripting vulnerability in PrivateBin

2022-04-12 20:45:22

exploitdb

jQuery 1.2 - Cross-Site Scripting (XSS)

2021-04-14 00:00:00

suse

Security update for otrs (moderate)

2020-11-10 00:00:00

Security update for cacti, cacti-spine (moderate)

2020-07-25 00:00:00

Security update for cacti, cacti-spine (moderate)

2020-07-28 00:00:00

attackerkb

CVE-2020-11022

2020-04-29 00:00:00

CVE-2020-11023

2020-04-29 00:00:00

Certain HP Printers and MFP products - Cross-Site Scripting (XSS)

2020-09-17 00:00:00

HPSBPI03688 rev. 1 - Certain HP Printer and MFP products - Cross-Site Scripting (XSS)

2020-09-17 00:00:00

fedora

[SECURITY] Fedora 32 Update: drupal8-8.9.0-1.fc32

2020-06-16 01:32:24

[SECURITY] Fedora 32 Update: drupal7-7.70-1.fc32

2020-05-31 03:31:15

[SECURITY] Fedora 33 Update: drupal7-7.72-1.fc33

2020-09-25 17:15:48

atlassian

Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023

2021-02-02 09:59:24

Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023

2021-02-02 09:59:24

jquery 2.2.4 XSS vulnerability

2022-08-24 14:53:45

joomla

[20200604] - Core - XSS in jQuery.htmlPrefilter

2020-04-10 00:00:00

checkpoint_advisories

jQuery Cross Site Scripting (CVE-2020-11022; CVE-2020-11023)

2020-11-16 00:00:00

oraclelinux

jquery-ui security update

2022-03-01 00:00:00

ipa security, bug fix, and enhancement update

2020-10-06 00:00:00

idm:DL1 and idm:client security, bug fix, and enhancement update

2020-11-10 00:00:00

debian

[SECURITY] [DLA 2608-1] jquery security update

2021-03-26 01:32:42

[SECURITY] [DSA 4693-1] drupal7 security update

2020-05-26 21:08:38

drupal

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002

2020-05-20 00:00:00

ics

AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere (Update A)

2023-03-16 12:00:00

Mitsubishi Electric EcoWebServerIII

2022-02-24 12:00:00

typo3

Cross-Site Scripting in extension "Kitodo.Presentation" (dlf)

2020-07-29 00:00:00

gentoo

Cacti: Multiple vulnerabilities

2020-07-26 00:00:00

altlinux

Security fix for the ALT Linux 9 package phpipam version 1.42.027-alt1

2020-10-21 00:00:00

freebsd

Cacti -- multiple vulnerabilities

2020-07-15 00:00:00

adobe

APSB19-38 Security update available for Adobe Experience Manager

2019-07-09 00:00:00

centos

ipa, python2 security update

2020-10-20 18:15:27

almalinux

Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update

2020-11-03 12:25:36

rocky

idm:DL1 and idm:client security, bug fix, and enhancement update

2020-11-03 12:25:36

amazon

Medium: ipa

2020-10-22 17:40:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

0.061 Low

EPSS

Percentile

93.5%

JSON

Related for ALPINE:CVE-2020-11022