JQuery Tooltip Cross Site Scripting

JQuery Tooltip Cross Site Scripting: Posted Aug 28, 2012; Authored by Claudio Contin; JQuery Tooltip suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 088a62925514da2dffb93c28a026cbae071b0c06e7a4b5e8e1b290742bd24e07; Download | Favorite | View

JQuery Tooltip Cross Site Scripting

/*
  Author: Claudio Contin
  XSS bug on http://www.jquerytools.org/ tooltip component
*/

Tooltip component doesn't sanitize html passed to the 'title' element, even though the html is already sanitized before been passed to tooltip class.
Cross site scripting is possible if user has control of the input passed to tooltip.

Top Authors In Last 30 Days

Red Hat 145 files
Ubuntu 108 files
Debian 16 files
Rafael Pedrero 11 files
LiquidWorm 10 files
Google Security Research 9 files
Apple 9 files
Abdulhakim Oner 8 files
nu11secur1ty 8 files
Hubert Wojciechowski 6 files

File Archives

Systems

AIX (426)
Apple (1,960)
BSD (372)
CentOS (56)
Cisco (1,919)
Debian (6,714)
Fedora (1,691)
FreeBSD (1,244)
Gentoo (4,288)
HPUX (878)
iOS (340)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,137)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,925)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,453)
UNIX (9,208)
UnixWare (185)
Windows (6,532)
Other

JQuery Tooltip Cross Site Scripting

JQuery Tooltip Cross Site Scripting

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

JQuery Tooltip Cross Site Scripting

Share This

JQuery Tooltip Cross Site Scripting

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems