CVE-2010-5312
Summary
| CVE | CVE-2010-5312 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2014-11-24 16:59:00 UTC |
|---|
| Updated | 2023-06-21 18:26:00 UTC |
|---|
| Description | Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| JQuery 'ui/jquery.ui.dialog.js' Cross Site Scripting Vulnerability |
BID |
www.securityfocus.com |
Third Party Advisory, VDB Entry |
| [SECURITY] Fedora 36 Update: drupal7-7.92-1.fc36 - package-announce - Fedora Mailing-Lists |
MISC |
lists.fedoraproject.org |
|
| Pony Mail! |
MLIST |
lists.apache.org |
|
| Dialog: Extract setting the title into a _title method, use .text() t… · jquery/jquery-ui@7e9060c · GitHub |
CONFIRM |
github.com |
Vendor Advisory |
| Pony Mail! |
MISC |
lists.apache.org |
|
| Oracle Critical Patch Update - October 2016 |
CONFIRM |
www.oracle.com |
Patch, Third Party Advisory |
| Debian -- Security Information -- DSA-3249-1 jqueryui |
DEBIAN |
www.debian.org |
Third Party Advisory |
| #6016 (XSS Vulnerability - Dialog Title)
– jQuery UI |
CONFIRM |
bugs.jqueryui.com |
Exploit, Vendor Advisory |
| [SECURITY] Fedora 35 Update: drupal7-7.92-1.fc35 - package-announce - Fedora Mailing-Lists |
MISC |
lists.fedoraproject.org |
|
| Red Hat Customer Portal |
REDHAT |
rhn.redhat.com |
Third Party Advisory |
| Pony Mail! |
MISC |
lists.apache.org |
|
| Pony Mail! |
MISC |
lists.apache.org |
|
| IBM X-Force Exchange |
XF |
exchange.xforce.ibmcloud.com |
Third Party Advisory, VDB Entry |
| oss-sec: old CVE assignments for JQuery 1.10.0 |
MLIST |
seclists.org |
Mailing List, Third Party Advisory |
| [SECURITY] Fedora 36 Update: drupal7-7.92-1.fc36 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| oss-sec: Re: old CVE assignments for JQuery 1.10.0 |
MLIST |
seclists.org |
Mailing List, Third Party Advisory |
| Pony Mail! |
MLIST |
lists.apache.org |
|
| Oracle Database Multiple Flaws Let Remote and Local Users Access and Modify Data and Gain Elevated Privileges and Let Local Users Deny Service - SecurityTracker |
SECTRACK |
www.securitytracker.com |
Third Party Advisory, VDB Entry |
| Access to this page has been denied. |
CONFIRM |
www.drupal.org |
|
| September 2018 jQuery Vulnerabilities in NetApp Products | NetApp Product Security |
CONFIRM |
security.netapp.com |
|
| Pony Mail! |
MLIST |
lists.apache.org |
|
| Red Hat Customer Portal |
REDHAT |
rhn.redhat.com |
Third Party Advisory |
| [SECURITY] Fedora 35 Update: drupal7-7.92-1.fc35 - package-announce - Fedora Mailing-Lists |
FEDORA |
lists.fedoraproject.org |
|
| [SECURITY] [DLA-2889-1] drupal7 security update |
MLIST |
lists.debian.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 180932 Debian Security Update for drupal7 (DLA-2889-1)
- 283227 Fedora Security Update for drupal7 (FEDORA-2022-9d655503ea)
- 283277 Fedora Security Update for drupal7 (FEDORA-2022-bf18450366)
- 283473 Fedora Security Update for drupal7 (FEDORA-2022-c4334d5277)
- 502054 Alpine Linux Security Update for drupal7
- 504707 Alpine Linux Security Update for drupal7
- 730342 Drupal Core Cross-Site Scripting (XSS) Vulnerability (SA-CORE-2022-002)
- 980813 Nodejs (npm) Security Update for jquery-ui (GHSA-wcm2-9c89-wmfm)
- 995416 Java (Maven) Security Update for org.webjars.npm:jquery-ui (GHSA-wcm2-9c89-wmfm)
- 995438 DotNet (Nuget) Security Update for jQuery.UI.Combined (GHSA-wcm2-9c89-wmfm)
- 995447 Rubygems (Rubygems) Security Update for jquery-ui-rails (GHSA-wcm2-9c89-wmfm)
