what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

CVE-2020-11023

Status Candidate

Overview

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Related Files

Red Hat Security Advisory 2022-6393-01
Posted Sep 8, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-6393-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-11022, CVE-2020-11023, CVE-2021-22096, CVE-2021-23358, CVE-2022-2806, CVE-2022-31129
SHA-256 | 59c49e7becc4344481acfbc3d76e3bd89a56c7009339fce1f5ab8a92bd9d24cc
Red Hat Security Advisory 2021-4142-02
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4142-02 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-11023, CVE-2020-7656
SHA-256 | 4fd691cef1c637f2f4631dadaeff60d264d509bd5503257da489c03aa2019fd6
Red Hat Security Advisory 2021-1846-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1846-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-11023
SHA-256 | 810df375a55d862de0c813a6a0662d3cddacbf6daa84cc2ad5d5a612588ff2f9
jQuery 1.0.3 Cross Site Scripting
Posted Apr 14, 2021
Authored by Central Infosec

jQuery version 1.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2020-11023
SHA-256 | 7ff5c0bf22409a30bef573c9e5485eb91fec6fb5647f3807595a866b12f17491
Red Hat Security Advisory 2021-0860-01
Posted Mar 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0860-01 - Red Hat Identity Management is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2020-11023
SHA-256 | 536258b6e4a45956752b7ef55a49a8e0d9ca1440a1aad6e8e965d9de37784f98
Red Hat Security Advisory 2021-0778-01
Posted Mar 9, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0778-01 - Red Hat Ansible Tower 3.6.7-1 has a security and bug fix update. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and privilege escalation vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2016-5766, CVE-2018-20843, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-12749, CVE-2019-14866, CVE-2019-15903, CVE-2019-17006, CVE-2019-17023, CVE-2019-17498, CVE-2019-19956, CVE-2019-20372, CVE-2019-20388, CVE-2019-20907, CVE-2020-10543, CVE-2020-10878, CVE-2020-11022, CVE-2020-11023, CVE-2020-12243, CVE-2020-12400, CVE-2020-12401, CVE-2020-12402, CVE-2020-12403, CVE-2020-12723, CVE-2020-1971
SHA-256 | b36485939bcc96f4f05a1b61fcc6c6e3aefa7b635d0f1eb06d546cdccf61da2a
Red Hat Security Advisory 2020-5412-01
Posted Dec 16, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5412-01 - python-XStatic-jQuery is the jQuery javascript library packaged for Python's setuptools. Issues addressed include a code execution vulnerability.

tags | advisory, javascript, code execution, python
systems | linux, redhat
advisories | CVE-2020-11023
SHA-256 | aa6cadf360467aa8675c6c7bb4ffac148174f61c06931d7d7be43e435824e6f8
Red Hat Security Advisory 2020-5249-01
Posted Nov 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5249-01 - Fixed two jQuery vulnerabilities Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTP requests by default Updated several dependencies of Ansible Tower's User Interface to address Updated to the latest version of python-psutil to address CVE-2019-18874 Added several optimizations to improve performance for a variety of high-load simultaneous job launch use cases Fixed workflows to no longer prevent certain users from being able to edit approval nodes Fixed confusing behavior for social auth logins across distinct browser tabs Fixed launching of Job Templates that use prompt-at-launch Ansible Vault credentials. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss, python
systems | linux, redhat
advisories | CVE-2019-18874, CVE-2020-11022, CVE-2020-11023, CVE-2020-7676, CVE-2020-7720, CVE-2020-7743
SHA-256 | 110dd18b4efb16ae0c10f48cfdb06ff0615e9ae0e93f088c11b253e73a4fd781
Red Hat Security Advisory 2020-4847-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4847-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System. Issues addressed include code execution, cross site scripting, denial of service, and memory leak vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, memory leak
systems | linux, redhat
advisories | CVE-2015-9251, CVE-2016-10735, CVE-2018-14040, CVE-2018-14042, CVE-2019-10146, CVE-2019-10179, CVE-2019-10221, CVE-2019-11358, CVE-2019-8331, CVE-2020-11022, CVE-2020-11023, CVE-2020-15720, CVE-2020-1721
SHA-256 | c6dbd2e3ea30e370f45b401a443f118436a835f3b29825000a270eeb00728c27
Red Hat Security Advisory 2020-4211-01
Posted Oct 8, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4211-01 - Red Hat AMQ Interconnect is a component of the AMQ 7 product family. AMQ Interconnect provides flexible routing of messages between AMQP-enabled endpoints, whether they are clients, servers, brokers, or any other entity that can send or receive standard AMQP messages. This release of Red Hat AMQ Interconnect 1.9.0 serves as a replacement for Red Hat AMQ Interconnect 1.8.0 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-11022, CVE-2020-11023, CVE-2020-7656
SHA-256 | 759f412dad3e85a67231c7eceb38b0bce43448279d7e1998a11666967ad6f66c
Red Hat Security Advisory 2020-3807-01
Posted Sep 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3807-01 - The org.ovirt.engine-root is a core component of oVirt. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, root, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-11022, CVE-2020-11023, CVE-2020-14333, CVE-2020-8203
SHA-256 | 23fb99a110d6ca6419a2e912c2d9c19988b46b08f68a5dcd98206209ee65733b
Red Hat Security Advisory 2020-3369-01
Posted Aug 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3369-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include code execution and open redirection vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-11023, CVE-2020-12666, CVE-2020-14040, CVE-2020-8203, CVE-2020-9283
SHA-256 | 7222258e85e542b4bd918c83fa6a94b633c208a270e15b944a03ec1b0f6b7cf9
Red Hat Security Advisory 2020-3247-01
Posted Aug 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3247-01 - The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2017-18635, CVE-2019-10086, CVE-2019-13990, CVE-2019-17195, CVE-2019-19336, CVE-2019-8331, CVE-2020-10775, CVE-2020-11022, CVE-2020-11023, CVE-2020-7598
SHA-256 | e6f2535c6436b0a735b170e94bf5d8887dbf21ad4b4d2db85d0b797efa770f33
Gentoo Linux Security Advisory 202007-03
Posted Jul 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202007-3 - Multiple vulnerabilities have been found in Cacti, the worst of which could result in the arbitrary execution of code. Versions less than 1.2.13 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-11022, CVE-2020-11023, CVE-2020-14295
SHA-256 | b91c68deb806affd52aaef7ec8de220f22efb4b1fd563f5e4c88378a9d9c35b7
Red Hat Security Advisory 2020-2412-01
Posted Jul 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2412-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution, cross site scripting, denial of service, and man-in-the-middle vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-11254, CVE-2019-11358, CVE-2020-10749, CVE-2020-11022, CVE-2020-11023, CVE-2020-8558, CVE-2020-9283
SHA-256 | e60286d01d27b1060c209cb22a61b5584d6bb466e3d39052c5c356cb6a07cb55
Red Hat Security Advisory 2020-2813-01
Posted Jul 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2813-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.1 serves as a replacement for Red Hat Single Sign-On 7.4.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-10719, CVE-2020-10748, CVE-2020-11022, CVE-2020-11023, CVE-2020-1694, CVE-2020-1714, CVE-2020-8840, CVE-2020-9546, CVE-2020-9547, CVE-2020-9548
SHA-256 | 1c1d602b8a2a7830043fa2e0ba5fef5fa819bd9b6197bfeb59f173a6993f87e6
Debian Security Advisory 4693-1
Posted May 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4693-1 - Several vulnerabilities were discovered in Drupal, a fully-featured content management framework, which could result in an open redirect or cross-site scripting.

tags | advisory, vulnerability, xss
systems | linux, debian
advisories | CVE-2020-11022, CVE-2020-11023
SHA-256 | 357e410d6d2403dbc035d10bf229ad70fd4d22acedb37509054f636187976747
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close