Home

CVE-2015-9251

Description

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

Risk Information

Base Score
6.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
27.164

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are affected in Oracle WebLogic Server 12.2.1.3Windows
Multiple vulnerabilities are affected in Oracle WebLogic Server 12.1.3.0Windows
Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.55Windows
Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.56Windows
Multiple vulnerabilities are affected in Oracle PeopleSoft Enterprise PeopleTools 8.57Windows
Multiple Vulnerabilities are affected in JD Edwards EnterpriseOne Tools 9.2Windows
Multiple Vulnerabilities are affected in Oracle Corporation PeopleSoft Enterprise PeopleTools 8.55Windows
Multiple Vulnerabilities are affected in Oracle Corporation PeopleSoft Enterprise PeopleTools 8.56Windows
Multiple Vulnerabilities are affected in Oracle Corporation PeopleSoft Enterprise PeopleTools 8.57Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.1Windows
Vulnerabilities CVE-2016-10707,CVE-2015-9251 are fixed in WebJars - jquery 3.0.0Windows
Vulnerabilities CVE-2015-9251 are fixed in WebJars - jquery 1.12.2Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.0Windows
Vulnerabilities CVE-2015-9251 are fixed in Ruby-jquery-rails 4.2.0Windows
Vulnerabilities CVE-2015-9251 are fixed in Nuget - jQuery 1.12.2Windows
Vulnerabilities CVE-2015-9251 are fixed in Nuget - jQuery 3.0.0Windows
(RHSA-2020:3936) ipa security, bug fix, and enhancement update ipa-client-4.6.8-5.el7.x86_64.rpmLinux
(RHSA-2020:3936) ipa security, bug fix, and enhancement update ipa-client-common-4.6.8-5.el7.noarch.rpmLinux
(RHSA-2020:3936) ipa security, bug fix, and enhancement update ipa-common-4.6.8-5.el7.noarch.rpmLinux
(RHSA-2020:3936) ipa security, bug fix, and enhancement update ipa-python-compat-4.6.8-5.el7.noarch.rpmLinux
(RHSA-2020:3936) ipa security, bug fix, and enhancement update ipa-server-4.6.8-5.el7.x86_64.rpmLinux
(RHSA-2020:3936) ipa security, bug fix, and enhancement update ipa-server-common-4.6.8-5.el7.noarch.rpmLinux
(RHSA-2020:3936) ipa security, bug fix, and enhancement update ipa-server-dns-4.6.8-5.el7.noarch.rpmLinux
(RHSA-2020:3936) ipa security, bug fix, and enhancement update ipa-server-trust-ad-4.6.8-5.el7.x86_64.rpmLinux
(RHSA-2020:3936) ipa security, bug fix, and enhancement update python2-ipaclient-4.6.8-5.el7.noarch.rpmLinux
(RHSA-2020:3936) ipa security, bug fix, and enhancement update python2-ipalib-4.6.8-5.el7.noarch.rpmLinux
(RHSA-2020:3936) ipa security, bug fix, and enhancement update python2-ipaserver-4.6.8-5.el7.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpmLinux
(RHSA-2020:4847) pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpmLinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) slf4j-1.7.25-4.module+el8.5.0+697+f586bb30.noarch.rpmLinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) velocity-1.7-24.module+el8.3.0+53+ea062990.noarch.rpmLinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) xalan-j2-2.7.1-38.module+el8.3.0+53+ea062990.noarch.rpmLinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) javassist-3.18.1-8.module+el8.3.0+53+ea062990.noarch.rpmLinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) xerces-j2-2.11.0-34.module+el8.3.0+53+ea062990.noarch.rpmLinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) javassist-javadoc-3.18.1-8.module+el8.3.0+53+ea062990.noarch.rpmLinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) apache-commons-net-3.6-3.module+el8.3.0+53+ea062990.noarch.rpmLinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) apache-commons-lang-2.6-21.module+el8.3.0+53+ea062990.noarch.rpmLinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) xml-commons-resolver-1.2-26.module+el8.3.0+53+ea062990.noarch.rpmLinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) apache-commons-collections-3.2.2-10.module+el8.3.0+53+ea062990.noarch.rpmLinux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) jakarta-commons-httpclient-3.1-28.module+el8.3.0+53+ea062990.noarch.rpmLinux
Apache-commons-collections update (ELSA-2020-4847) apache-commons-collections-3.2.2-10.module+el8.3.0+7697+44932688.noarch.rpmLinux
Apache-commons-lang update (ELSA-2020-4847) apache-commons-lang-2.6-21.module+el8.3.0+7697+44932688.noarch.rpmLinux
Apache-commons-net update (ELSA-2020-4847) apache-commons-net-3.6-3.module+el8.3.0+7697+44932688.noarch.rpmLinux
Bea-stax-api update (ELSA-2020-4847) bea-stax-api-1.2.0-16.module+el8.3.0+7697+44932688.noarch.rpmLinux
Glassfish-fastinfoset update (ELSA-2020-4847) glassfish-fastinfoset-1.2.13-9.module+el8.3.0+7697+44932688.noarch.rpmLinux
Glassfish-jaxb-api update (ELSA-2020-4847) glassfish-jaxb-api-2.2.12-8.module+el8.3.0+7697+44932688.noarch.rpmLinux
Glassfish-jaxb-core update (ELSA-2020-4847) glassfish-jaxb-core-2.2.11-11.module+el8.3.0+7697+44932688.noarch.rpmLinux
Glassfish-jaxb-runtime update (ELSA-2020-4847) glassfish-jaxb-runtime-2.2.11-11.module+el8.3.0+7697+44932688.noarch.rpmLinux
Glassfish-jaxb-txw2 update (ELSA-2020-4847) glassfish-jaxb-txw2-2.2.11-11.module+el8.3.0+7697+44932688.noarch.rpmLinux
Jackson-annotations update (ELSA-2020-4847) jackson-annotations-2.10.0-1.module+el8.3.0+7697+44932688.noarch.rpmLinux
Jackson-core update (ELSA-2020-4847) jackson-core-2.10.0-1.module+el8.3.0+7697+44932688.noarch.rpmLinux
Jackson-databind update (ELSA-2020-4847) jackson-databind-2.10.0-1.module+el8.3.0+7697+44932688.noarch.rpmLinux
Jackson-jaxrs-json-provider update (ELSA-2020-4847) jackson-jaxrs-json-provider-2.9.9-1.module+el8.3.0+7697+44932688.noarch.rpmLinux
Jackson-jaxrs-providers update (ELSA-2020-4847) jackson-jaxrs-providers-2.9.9-1.module+el8.3.0+7697+44932688.noarch.rpmLinux
Jackson-module-jaxb-annotations update (ELSA-2020-4847) jackson-module-jaxb-annotations-2.7.6-4.module+el8.3.0+7697+44932688.noarch.rpmLinux
Jakarta-commons-httpclient update (ELSA-2020-4847) jakarta-commons-httpclient-3.1-28.module+el8.3.0+7697+44932688.noarch.rpmLinux
Javassist update (ELSA-2020-4847) javassist-3.18.1-8.module+el8.3.0+7697+44932688.noarch.rpmLinux
Javassist-javadoc update (ELSA-2020-4847) javassist-javadoc-3.18.1-8.module+el8.3.0+7697+44932688.noarch.rpmLinux
Jss update (ELSA-2020-4847) jss-4.7.3-1.module+el8.3.0+7857+983338ee.x86_64.rpmLinux
Jss-javadoc update (ELSA-2020-4847) jss-javadoc-4.7.3-1.module+el8.3.0+7857+983338ee.x86_64.rpmLinux
Ldapjdk update (ELSA-2020-4847) ldapjdk-4.22.0-1.module+el8.3.0+7857+983338ee.noarch.rpmLinux
Ldapjdk-javadoc update (ELSA-2020-4847) ldapjdk-javadoc-4.22.0-1.module+el8.3.0+7857+983338ee.noarch.rpmLinux
Pki-base update (ELSA-2020-4847) pki-base-10.9.4-1.0.1.module+el8.3.0+7857+983338ee.noarch.rpmLinux
Pki-base-java update (ELSA-2020-4847) pki-base-java-10.9.4-1.0.1.module+el8.3.0+7857+983338ee.noarch.rpmLinux
Pki-ca update (ELSA-2020-4847) pki-ca-10.9.4-1.0.1.module+el8.3.0+7857+983338ee.noarch.rpmLinux
Pki-kra update (ELSA-2020-4847) pki-kra-10.9.4-1.0.1.module+el8.3.0+7857+983338ee.noarch.rpmLinux
Pki-server update (ELSA-2020-4847) pki-server-10.9.4-1.0.1.module+el8.3.0+7857+983338ee.noarch.rpmLinux
Pki-servlet-4.0-api update (ELSA-2020-4847) pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+7697+44932688.noarch.rpmLinux
Pki-servlet-engine update (ELSA-2020-4847) pki-servlet-engine-9.0.30-1.module+el8.3.0+7697+44932688.noarch.rpmLinux
Pki-symkey update (ELSA-2020-4847) pki-symkey-10.9.4-1.0.1.module+el8.3.0+7857+983338ee.x86_64.rpmLinux
Pki-tools update (ELSA-2020-4847) pki-tools-10.9.4-1.0.1.module+el8.3.0+7857+983338ee.x86_64.rpmLinux
Python-nss-doc update (ELSA-2020-4847) python-nss-doc-1.0.1-10.module+el8.3.0+7697+44932688.x86_64.rpmLinux
Python3-nss update (ELSA-2020-4847) python3-nss-1.0.1-10.module+el8.3.0+7697+44932688.x86_64.rpmLinux
Python3-pki update (ELSA-2020-4847) python3-pki-10.9.4-1.0.1.module+el8.3.0+7857+983338ee.noarch.rpmLinux
RelaxngDatatype update (ELSA-2020-4847) relaxngDatatype-2011.1-7.module+el8.3.0+7697+44932688.noarch.rpmLinux
Resteasy update (ELSA-2020-4847) resteasy-3.0.26-3.module+el8.3.0+7697+44932688.noarch.rpmLinux
Slf4j update (ELSA-2020-4847) slf4j-1.7.25-4.module+el8.3.0+7697+44932688.noarch.rpmLinux
Slf4j-jdk14 update (ELSA-2020-4847) slf4j-jdk14-1.7.25-4.module+el8.3.0+7697+44932688.noarch.rpmLinux
Stax-ex update (ELSA-2020-4847) stax-ex-1.7.7-8.module+el8.3.0+7697+44932688.noarch.rpmLinux
Tomcatjss update (ELSA-2020-4847) tomcatjss-7.5.0-1.module+el8.3.0+7857+983338ee.noarch.rpmLinux
Velocity update (ELSA-2020-4847) velocity-1.7-24.module+el8.3.0+7697+44932688.noarch.rpmLinux
Xalan-j2 update (ELSA-2020-4847) xalan-j2-2.7.1-38.module+el8.3.0+7697+44932688.noarch.rpmLinux
Xerces-j2 update (ELSA-2020-4847) xerces-j2-2.11.0-34.module+el8.3.0+7697+44932688.noarch.rpmLinux
Xml-commons-apis update (ELSA-2020-4847) xml-commons-apis-1.4.01-25.module+el8.3.0+7697+44932688.noarch.rpmLinux
Xml-commons-resolver update (ELSA-2020-4847) xml-commons-resolver-1.2-26.module+el8.3.0+7697+44932688.noarch.rpmLinux
Xmlstreambuffer update (ELSA-2020-4847) xmlstreambuffer-1.5.4-8.module+el8.3.0+7697+44932688.noarch.rpmLinux
Xsom update (ELSA-2020-4847) xsom-0-19.20110809svn.module+el8.3.0+7697+44932688.noarch.rpmLinux
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update python3-qrcode-5.1-12.module_el8.6.0+2737+7e73ea90.noarch.rpmLinux
Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update python3-qrcode-core-5.1-12.module_el8.6.0+2737+7e73ea90.noarch.rpmLinux
Vulnerabilities CVE-2016-10707,CVE-2015-9251 are fixed in WebJars - jquery for Linux 3.0.0Linux
Vulnerabilities CVE-2015-9251 are fixed in WebJars - jquery for Linux 1.12.2Linux
Vulnerabilities CVE-2015-9251 are fixed in Ruby-jquery-rails for Linux 4.2.0Linux
Vulnerabilities CVE-2015-9251 are fixed in Nuget - jQuery for Linux 1.12.2Linux
Vulnerabilities CVE-2015-9251 are fixed in Nuget - jQuery for Linux 3.0.0Linux
Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability (CVE-2015-9251)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234