what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

CVE-2020-11023

Status Candidate

Overview

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Related Files

Red Hat Security Advisory 2021-4142-02
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4142-02 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-11023, CVE-2020-7656
MD5 | c16b0a284d0b0aa7f3ad83efa6ce6464
Red Hat Security Advisory 2021-1846-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1846-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-11023
MD5 | 4996baec679ba44ea9d147df1e73398d
jQuery 1.0.3 Cross Site Scripting
Posted Apr 14, 2021
Authored by Central Infosec

jQuery version 1.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-11023
MD5 | 179fd6b72dec05ab89308264840d7aa5
Red Hat Security Advisory 2021-0860-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0860-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-11023
MD5 | 955c13083d09d6d400458aa1f72ec061
Red Hat Security Advisory 2021-0778-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0778-01 - Red Hat Ansible Tower 3.6.7-1 has a security and bug fix update. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and privilege escalation vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2016-5766, CVE-2018-20843, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-12749, CVE-2019-14866, CVE-2019-15903, CVE-2019-17006, CVE-2019-17023, CVE-2019-17498, CVE-2019-19956, CVE-2019-20372, CVE-2019-20388, CVE-2019-20907, CVE-2020-10543, CVE-2020-10878, CVE-2020-11022, CVE-2020-11023, CVE-2020-12243, CVE-2020-12400, CVE-2020-12401, CVE-2020-12402, CVE-2020-12403, CVE-2020-12723, CVE-2020-1971
MD5 | 198f85a6d096aab12ca29885a346b930
Red Hat Security Advisory 2020-5412-01
Posted Dec 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5412-01 - python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools. Issues addressed include a code execution vulnerability.

tags | advisory, javascript, code execution, python
systems | linux, redhat
advisories | CVE-2020-11023
MD5 | 21e73315192b13aed7b1e70867c71f8b
Red Hat Security Advisory 2020-5249-01
Posted Nov 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5249-01 - Fixed two jQuery vulnerabilities Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTP requests by default Updated several dependencies of Ansible Tower's User Interface to address Updated to the latest version of python-psutil to address CVE-2019-18874 Added several optimizations to improve performance for a variety of high-load simultaneous job launch use cases Fixed workflows to no longer prevent certain users from being able to edit approval nodes Fixed confusing behavior for social auth logins across distinct browser tabs Fixed launching of Job Templates that use prompt-at-launch Ansible Vault credentials. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss, python
systems | linux, redhat
advisories | CVE-2019-18874, CVE-2020-11022, CVE-2020-11023, CVE-2020-7676, CVE-2020-7720, CVE-2020-7743
MD5 | 4eefeaf6b7e349b286bcd7fc4ba67327
Red Hat Security Advisory 2020-4847-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4847-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include code execution, cross site scripting, denial of service, and memory leak vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, memory leak
systems | linux, redhat
advisories | CVE-2015-9251, CVE-2016-10735, CVE-2018-14040, CVE-2018-14042, CVE-2019-10146, CVE-2019-10179, CVE-2019-10221, CVE-2019-11358, CVE-2019-8331, CVE-2020-11022, CVE-2020-11023, CVE-2020-15720, CVE-2020-1721
MD5 | 7ecfb4bf539e1fbe2b8442201768bfc4
Red Hat Security Advisory 2020-4211-01
Posted Oct 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4211-01 - Red Hat AMQ Interconnect is a component of the AMQ 7 product family. AMQ Interconnect provides flexible routing of messages between AMQP-enabled endpoints, whether they are clients, servers, brokers, or any other entity that can send or receive standard AMQP messages. This release of Red Hat AMQ Interconnect 1.9.0 serves as a replacement for Red Hat AMQ Interconnect 1.8.0 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-11022, CVE-2020-11023, CVE-2020-7656
MD5 | 79f2db3be0766a35dac7a9803f6095d9
Red Hat Security Advisory 2020-3807-01
Posted Sep 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3807-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, root, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-11022, CVE-2020-11023, CVE-2020-14333, CVE-2020-8203
MD5 | 780c083fc00b5826b5832bcbc0efebb5
Red Hat Security Advisory 2020-3369-01
Posted Aug 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3369-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include code execution and open redirection vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-11023, CVE-2020-12666, CVE-2020-14040, CVE-2020-8203, CVE-2020-9283
MD5 | 2203ace8f302c0492b0126d27e66dca1
Red Hat Security Advisory 2020-3247-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3247-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2017-18635, CVE-2019-10086, CVE-2019-13990, CVE-2019-17195, CVE-2019-19336, CVE-2019-8331, CVE-2020-10775, CVE-2020-11022, CVE-2020-11023, CVE-2020-7598
MD5 | 09627a046f1dd8dcfac3c537c3f54e08
Gentoo Linux Security Advisory 202007-03
Posted Jul 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-3 - Multiple vulnerabilities have been found in Cacti, the worst of which could result in the arbitrary execution of code. Versions less than 1.2.13 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-11022, CVE-2020-11023, CVE-2020-14295
MD5 | d29dd3a48dd75205f6082fcb232dbfad
Red Hat Security Advisory 2020-2412-01
Posted Jul 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2412-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution, cross site scripting, denial of service, and man-in-the-middle vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-11254, CVE-2019-11358, CVE-2020-10749, CVE-2020-11022, CVE-2020-11023, CVE-2020-8558, CVE-2020-9283
MD5 | fb50c62e152a3bb91c8924226093206d
Red Hat Security Advisory 2020-2813-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2813-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.1 serves as a replacement for Red Hat Single Sign-On 7.4.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-10719, CVE-2020-10748, CVE-2020-11022, CVE-2020-11023, CVE-2020-1694, CVE-2020-1714, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548
MD5 | fc87487bd16e3e344871d5b5c6ab11d5
Page 1 of 1
Back1Next

File Archive:

December 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    18 Files
  • 2
    Dec 2nd
    11 Files
  • 3
    Dec 3rd
    23 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    13 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close