jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| jquery | jquery | 3.0.0 | - |
| oracle | agile_product_lifecycle_management_for_process | - | - |
| oracle | agile_product_lifecycle_management_for_process |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
81
Affected Products
76
References
jquery / jquery
| - |
| - |
| oracle | agile_product_lifecycle_management_for_process | - | - |
| oracle | agile_product_lifecycle_management_for_process | - | - |
| oracle | agile_product_lifecycle_management_for_process | - | - |
| oracle | banking_platform | - | - |
| oracle | banking_platform | - | - |
| oracle | banking_platform | - | - |
| oracle | business_process_management_suite | - | - |
| oracle | business_process_management_suite | - | - |
| oracle | business_process_management_suite | - | - |
| oracle | communications_converged_application_server | 7.0.0.1 | - |
| oracle | communications_interactive_session_recorder | - | - |
| oracle | communications_interactive_session_recorder | - | - |
| oracle | communications_interactive_session_recorder | - | - |
| oracle | communications_services_gatekeeper | 6.1.0.4.0 | - |
| oracle | communications_webrtc_session_controller | 7.2 | - |
| oracle | endeca_information_discovery_studio | - | - |
| oracle | endeca_information_discovery_studio | - | - |
| oracle | enterprise_manager_ops_center | - | - |
| oracle | enterprise_manager_ops_center | - | - |
| oracle | enterprise_operations_monitor | - | - |
| oracle | enterprise_operations_monitor | - | - |
| oracle | financial_services_analytical_applications_infrastructure | 7.3.3 - 7.3.5 | - |
| oracle | financial_services_analytical_applications_infrastructure | 8.0.0 - 8.0.7 | - |
| oracle | financial_services_asset_liability_management | 8.0.4 - 8.0.7 | - |
| oracle | financial_services_data_integration_hub | 8.0.5 - 8.0.7 | - |
| oracle | financial_services_funds_transfer_pricing | 8.0.4 - 8.0.7 | - |
| oracle | financial_services_hedge_management_and_ifrs_valuations | 8.0.4 - 8.0.7 | - |
| oracle | financial_services_liquidity_risk_management | 8.0.2 - 8.0.6 | - |
| oracle | financial_services_loan_loss_forecasting_and_provisioning | 8.0.2 - 8.0.7 | - |
| oracle | financial_services_market_risk_measurement_and_management | - | - |
| oracle | financial_services_market_risk_measurement_and_management | - | - |
| oracle | financial_services_profitability_management | 8.0.4 - 8.0.6 | - |
| oracle | financial_services_reconciliation_framework | - | - |
| oracle | financial_services_reconciliation_framework | - | - |
| oracle | fusion_middleware_mapviewer | - | - |
| oracle | healthcare_foundation | - | - |
| oracle | healthcare_foundation | - | - |
| oracle | healthcare_translational_research | - | - |
| oracle | hospitality_cruise_fleet_management | - | - |
| oracle | hospitality_guest_access | - | - |
| oracle | hospitality_guest_access | - | - |
| oracle | hospitality_materials_control | - | - |
| oracle | hospitality_reporting_and_analytics | - | - |
| oracle | insurance_insbridge_rating_and_underwriting | - | - |
| oracle | insurance_insbridge_rating_and_underwriting | - | - |
| oracle | insurance_insbridge_rating_and_underwriting | - | - |
| oracle | jd_edwards_enterpriseone_tools | - | - |
| oracle | jdeveloper | - | - |
| oracle | jdeveloper | - | - |
| oracle | jdeveloper | - | - |
| oracle | oss_support_tools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | primavera_gateway | - | - |
| oracle | primavera_gateway | - | - |
| oracle | primavera_gateway | - | - |
| oracle | primavera_unifier | 17.1 - 17.12 | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | primavera_unifier | - | - |
| oracle | real-time_scheduler | - | - |
| oracle | retail_allocation | - | - |
| oracle | retail_customer_insights | - | - |
| oracle | retail_customer_insights | - | - |
| oracle | retail_invoice_matching | - | - |
| oracle | retail_sales_audit | - | - |
| oracle | retail_workforce_management_software | - | - |
| oracle | retail_workforce_management_software | - | - |
| oracle | service_bus | - | - |
| oracle | service_bus | - | - |
| oracle | siebel_ui_framework | - | - |
| oracle | siebel_ui_framework | - | - |
| oracle | utilities_framework | 4.3.0.1 - 4.3.0.4 | - |
| oracle | utilities_mobile_workforce_management | - | - |
| oracle | webcenter_sites | - | - |
| oracle | weblogic_server | - | - |
| oracle | weblogic_server | - | - |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability
Impact