Lucene search
Alpine Linux Development TeamALPINE:CVE-2021-41182HistoryOct 26, 2021 - 3:15 p.m.
CVE-2021-41182
2021-10-2615:15:00
Alpine Linux Development Team
security.alpinelinux.org
34
0.003 Low
EPSS
Percentile
70.0%
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the altField option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the altField option is now treated as a CSS selector. A workaround is to not accept the value of the altField option from untrusted sources.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | drupal7 | < 7.86-r0 | UNKNOWN |
| Alpine | 3.15-community | noarch | drupal7 | < 7.86-r0 | UNKNOWN |
| Alpine | 3.16-community | noarch | drupal7 | < 7.86-r0 | UNKNOWN |
| Alpine | 3.17-community | noarch | drupal7 | < 7.86-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | drupal7 | < 7.86-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | drupal7 | < 7.86-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | drupal7 | < 7.86-r0 | UNKNOWN |
Related
osv
osv
CVE-2021-41182
2021-10-26 15:15:10
XSS in the `altField` option of the Datepicker widget in jquery-ui
2021-10-26 14:55:02
BIT-drupal-2021-41182
2024-03-06 10:54:54
debiancve
debiancve
CVE-2021-41182
2021-10-26 15:15:00
github
github
XSS in the `altField` option of the Datepicker widget in jquery-ui
2021-10-26 14:55:02
redhatcve
redhatcve
CVE-2021-41182
2021-11-01 17:41:12
cvelist
cvelist
CVE-2021-41182 XSS in the `altField` option of the Datepicker widget
2021-10-26 00:00:00
cve
cve
CVE-2021-41182
2021-10-26 15:15:00
veracode
veracode
Cross-site Scripting (XSS)
2021-10-27 06:12:09
prion
prion
Code injection
2021-10-26 15:15:00
ubuntucve
ubuntucve
CVE-2021-41182
2021-10-26 00:00:00
drupal
drupal
checkpoint_advisories
checkpoint_advisories
ibm
ibm
Security Bulletin: IBM Security QRadar SOAR is using a component vulnerable to Cross Site Scripting (CVE-2021-41182, CVE-2021-41183, CVE-2021-41184)
2022-03-03 17:06:48
openvas
openvas
Fedora: Security Advisory for js-jquery-ui (FEDORA-2021-013ab302be)
2021-12-04 00:00:00
Fedora: Security Advisory for js-jquery-ui (FEDORA-2021-51c256bf87)
2021-12-04 00:00:00
Fedora: Security Advisory for js-jquery-ui (FEDORA-2021-ab38307fc3)
2021-12-04 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: js-jquery-ui-1.13.0-1.fc33
2021-11-20 01:45:55
[SECURITY] Fedora 35 Update: js-jquery-ui-1.13.0-1.fc35
2021-11-20 01:08:33
[SECURITY] Fedora 34 Update: js-jquery-ui-1.13.0-1.fc34
2021-11-20 01:11:49
nessus
nessus
JQuery UI < 1.13.0 Multiple XSS
2021-12-31 00:00:00
jQuery UI < 1.13.0 Multiple Vulnerabilities
2021-11-04 00:00:00
Debian DLA-3230-1 : jqueryui - LTS security update
2022-12-08 00:00:00
f5
f5
redhat
redhat
adobe
adobe
APSB23-50 : Security update available for Adobe Commerce
2023-10-10 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00