In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
198
Affected Products
86
References
jquery / jquery
| - |
| drupal | drupal | 8.8.0 - 8.8.6 | - |
| debian | debian_linux | - | - |
| fedoraproject | fedora | - | - |
| fedoraproject | fedora | - | - |
| fedoraproject | fedora | - | - |
| oracle | agile_product_lifecycle_management_for_process | - | - |
| oracle | application_testing_suite | - | - |
| oracle | banking_digital_experience | - | - |
| oracle | banking_digital_experience | - | - |
| oracle | banking_digital_experience | - | - |
| oracle | banking_digital_experience | - | - |
| oracle | banking_digital_experience | - | - |
| oracle | banking_digital_experience | - | - |
| oracle | blockchain_platform | 21.1.2 | - |
| oracle | communications_application_session_controller | - | - |
| oracle | communications_billing_and_revenue_management | - | - |
| oracle | communications_billing_and_revenue_management | - | - |
| oracle | communications_diameter_signaling_router_idih\ | 8.0.0 - 8.2.2 | - |
| oracle | communications_eagle_application_processor | 16.1.0 - 16.4.0 | - |
| oracle | communications_services_gatekeeper | - | - |
| oracle | communications_webrtc_session_controller | - | - |
| oracle | enterprise_manager_ops_center | - | - |
| oracle | enterprise_session_border_controller | - | - |
| oracle | financial_services_analytical_applications_infrastructure | 8.0.6.0.0 - 8.1.0.0.0 | - |
| oracle | financial_services_analytical_applications_reconciliation_framework | 8.0.6 - 8.0.8 | - |
| oracle | financial_services_analytical_applications_reconciliation_framework | - | - |
| oracle | financial_services_asset_liability_management | - | - |
| oracle | financial_services_asset_liability_management | - | - |
| oracle | financial_services_asset_liability_management | - | - |
| oracle | financial_services_balance_sheet_planning | - | - |
| oracle | financial_services_basel_regulatory_capital_basic | 8.0.6 - 8.0.8 | - |
| oracle | financial_services_basel_regulatory_capital_basic | - | - |
| oracle | financial_services_basel_regulatory_capital_internal_ratings_based_approach | 8.0.6 - 8.0.8 | - |
| oracle | financial_services_basel_regulatory_capital_internal_ratings_based_approach | - | - |
| oracle | financial_services_data_foundation | 8.0.6 - 8.1.0 | - |
| oracle | financial_services_data_governance_for_us_regulatory_reporting | 8.0.6 - 8.0.9 | - |
| oracle | financial_services_data_integration_hub | - | - |
| oracle | financial_services_data_integration_hub | - | - |
| oracle | financial_services_data_integration_hub | - | - |
| oracle | financial_services_funds_transfer_pricing | - | - |
| oracle | financial_services_funds_transfer_pricing | - | - |
| oracle | financial_services_funds_transfer_pricing | - | - |
| oracle | financial_services_hedge_management_and_ifrs_valuations | 8.0.6 - 8.0.8 | - |
| oracle | financial_services_hedge_management_and_ifrs_valuations | - | - |
| oracle | financial_services_institutional_performance_analytics | - | - |
| oracle | financial_services_institutional_performance_analytics | - | - |
| oracle | financial_services_institutional_performance_analytics | - | - |
| oracle | financial_services_liquidity_risk_management | - | - |
| oracle | financial_services_liquidity_risk_measurement_and_management | - | - |
| oracle | financial_services_liquidity_risk_measurement_and_management | - | - |
| oracle | financial_services_liquidity_risk_measurement_and_management | - | - |
| oracle | financial_services_loan_loss_forecasting_and_provisioning | 8.0.6 - 8.0.8 | - |
| oracle | financial_services_loan_loss_forecasting_and_provisioning | - | - |
| oracle | financial_services_market_risk_measurement_and_management | - | - |
| oracle | financial_services_market_risk_measurement_and_management | - | - |
| oracle | financial_services_price_creation_and_discovery | - | - |
| oracle | financial_services_price_creation_and_discovery | - | - |
| oracle | financial_services_profitability_management | - | - |
| oracle | financial_services_profitability_management | - | - |
| oracle | financial_services_profitability_management | - | - |
| oracle | financial_services_regulatory_reporting_for_european_banking_authority | 8.0.6 - 8.1.0 | - |
| oracle | financial_services_regulatory_reporting_for_us_federal_reserve | 8.0.6 - 8.0.9 | - |
| oracle | healthcare_foundation | - | - |
| oracle | healthcare_foundation | - | - |
| oracle | healthcare_foundation | - | - |
| oracle | healthcare_foundation | - | - |
| oracle | hospitality_materials_control | - | - |
| oracle | hospitality_simphony | 19.1.0 - 19.1.2 | - |
| oracle | hospitality_simphony | - | - |
| oracle | hospitality_simphony | - | - |
| oracle | insurance_accounting_analyzer | - | - |
| oracle | insurance_allocation_manager_for_enterprise_profitability | - | - |
| oracle | insurance_allocation_manager_for_enterprise_profitability | - | - |
| oracle | insurance_data_foundation | 8.0.6 - 8.1.0 | - |
| oracle | insurance_insbridge_rating_and_underwriting | 5.0.0.0 - 5.6.0.0 | - |
| oracle | insurance_insbridge_rating_and_underwriting | - | - |
| oracle | jdeveloper | - | - |
| oracle | jdeveloper | - | - |
| oracle | jdeveloper | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | policy_automation | 12.2.0 - 12.2.20 | - |
| oracle | policy_automation_connector_for_siebel | - | - |
| oracle | policy_automation_for_mobile_devices | 12.2.0 - 12.2.20 | - |
| oracle | retail_back_office | - | - |
| oracle | retail_back_office | - | - |
| oracle | retail_customer_management_and_segmentation_foundation | - | - |
| oracle | retail_returns_management | - | - |
| oracle | retail_returns_management | - | - |
| oracle | siebel_ui_framework | - | - |
| oracle | storagetek_acsls | - | - |
| oracle | weblogic_server | - | - |
| oracle | weblogic_server | - | - |
| oracle | weblogic_server | - | - |
| oracle | weblogic_server | - | - |
| oracle | weblogic_server | - | - |
| netapp | max_data | - | - |
| netapp | oncommand_insight | - | - |
| netapp | oncommand_system_manager | 3.0 - 3.1.3 | - |
| netapp | snap_creator_framework | - | - |
| netapp | snapcenter | - | - |
| netapp | h300s_firmware | - | - |
| netapp | h500s_firmware | - | - |
| netapp | h700s_firmware | - | - |
| netapp | h300e_firmware | - | - |
| netapp | h500e_firmware | - | - |
| netapp | h700e_firmware | - | - |
| netapp | h410s_firmware | - | - |
| netapp | h410c_firmware | - | - |
| opensuse | leap | - | - |
| opensuse | leap | - | - |
| tenable | log_correlation_engine | 6.0.9 | - |
| oracle | agile_product_supplier_collaboration_for_process | - | - |
| oracle | banking_digital_experience | 18.1 - 20.1 | - |
| oracle | communications_application_session_controller | - | - |
| oracle | communications_billing_and_revenue_management | - | - |
| oracle | communications_billing_and_revenue_management | - | - |
| oracle | communications_diameter_signaling_router_idih\ | 8.0.0 - 8.2.2 | - |
| oracle | communications_webrtc_session_controller | - | - |
| oracle | enterprise_manager_ops_center | - | - |
| oracle | enterprise_session_border_controller | - | - |
| oracle | financial_services_analytical_applications_infrastructure | 8.0.6 - 8.1.0 | - |
| oracle | financial_services_analytical_applications_reconciliation_framework | 8.0.6 - 8.0.8 | - |
| oracle | financial_services_analytical_applications_reconciliation_framework | - | - |
| oracle | financial_services_asset_liability_management | - | - |
| oracle | financial_services_asset_liability_management | - | - |
| oracle | financial_services_asset_liability_management | - | - |
| oracle | financial_services_balance_sheet_planning | - | - |
| oracle | financial_services_basel_regulatory_capital_basic | 8.0.6 - 8.0.8 | - |
| oracle | financial_services_basel_regulatory_capital_basic | - | - |
| oracle | financial_services_basel_regulatory_capital_internal_ratings_based_approach | 8.0.6 - 8.0.8 | - |
| oracle | financial_services_basel_regulatory_capital_internal_ratings_based_approach | - | - |
| oracle | financial_services_data_foundation | 8.0.6 - 8.1.0 | - |
| oracle | financial_services_data_governance_for_us_regulatory_reporting | 8.0.6 - 8.0.9 | - |
| oracle | financial_services_data_integration_hub | - | - |
| oracle | financial_services_data_integration_hub | - | - |
| oracle | financial_services_data_integration_hub | - | - |
| oracle | financial_services_funds_transfer_pricing | - | - |
| oracle | financial_services_funds_transfer_pricing | - | - |
| oracle | financial_services_funds_transfer_pricing | - | - |
| oracle | financial_services_hedge_management_and_ifrs_valuations | 8.0.6 - 8.0.8 | - |
| oracle | financial_services_hedge_management_and_ifrs_valuations | - | - |
| oracle | financial_services_institutional_performance_analytics | - | - |
| oracle | financial_services_institutional_performance_analytics | - | - |
| oracle | financial_services_institutional_performance_analytics | - | - |
| oracle | financial_services_liquidity_risk_management | - | - |
| oracle | financial_services_liquidity_risk_measurement_and_management | - | - |
| oracle | financial_services_liquidity_risk_measurement_and_management | - | - |
| oracle | financial_services_liquidity_risk_measurement_and_management | - | - |
| oracle | financial_services_loan_loss_forecasting_and_provisioning | 8.0.6 - 8.0.8 | - |
| oracle | financial_services_loan_loss_forecasting_and_provisioning | - | - |
| oracle | financial_services_market_risk_measurement_and_management | - | - |
| oracle | financial_services_market_risk_measurement_and_management | - | - |
| oracle | financial_services_price_creation_and_discovery | - | - |
| oracle | financial_services_price_creation_and_discovery | - | - |
| oracle | financial_services_profitability_management | - | - |
| oracle | financial_services_profitability_management | - | - |
| oracle | financial_services_profitability_management | - | - |
| oracle | financial_services_regulatory_reporting_for_european_banking_authority | 8.0.6 - 8.1.0 | - |
| oracle | financial_services_regulatory_reporting_for_us_federal_reserve | 8.0.6 - 8.0.9 | - |
| oracle | healthcare_foundation | - | - |
| oracle | healthcare_foundation | - | - |
| oracle | healthcare_foundation | - | - |
| oracle | healthcare_foundation | - | - |
| oracle | hospitality_materials_control | - | - |
| oracle | hospitality_simphony | - | - |
| oracle | hospitality_simphony | - | - |
| oracle | hospitality_simphony | - | - |
| oracle | insurance_accounting_analyzer | - | - |
| oracle | insurance_allocation_manager_for_enterprise_profitability | - | - |
| oracle | insurance_allocation_manager_for_enterprise_profitability | - | - |
| oracle | insurance_data_foundation | - | - |
| oracle | insurance_insbridge_rating_and_underwriting | 5.0.0.0 - 5.6.0.0 | - |
| oracle | insurance_insbridge_rating_and_underwriting | - | - |
| oracle | jdeveloper | - | - |
| oracle | jdeveloper | - | - |
| oracle | jdeveloper | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | peoplesoft_enterprise_peopletools | - | - |
| oracle | policy_automation | 12.2.0 - 12.2.20 | - |
| oracle | policy_automation_connector_for_siebel | - | - |
| oracle | policy_automation_for_mobile_devices | 12.2.0 - 12.2.20 | - |
| oracle | retail_back_office | - | - |
| oracle | retail_back_office | - | - |
| oracle | retail_customer_management_and_segmentation_foundation | - | - |
| oracle | retail_returns_management | - | - |
| oracle | retail_returns_management | - | - |
| oracle | siebel_ui_framework | - | - |
| oracle | weblogic_server | - | - |
| oracle | weblogic_server | - | - |
| oracle | weblogic_server | - | - |
| oracle | weblogic_server | - | - |
| oracle | weblogic_server | - | - |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
Exploitability
Impact