PT-2021-11548 · Jquery-Ui+1 · Jquery Ui+1

Published

2021-01-22

Updated

2021-02-02

CVE-2020-28488

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions: jquery-ui versions all org.fujion.webjars:jquery-ui versions all

Description: The issue occurs when the "dialog" is injected into an HTML tag more than once, potentially causing the browser and the application to crash.

Recommendations: For jquery-ui versions all, consider disabling the dialog injection feature until a patch is available. For org.fujion.webjars:jquery-ui versions all, restrict access to the dialog functionality to minimize the risk of exploitation. As a temporary workaround, avoid injecting the "dialog" into an HTML tag more than once until the issue is resolved.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-28488

Affected Products

Jquery Ui

Org.Fujion.Webjars:Jquery-Ui

PT-2021-11548 · Jquery-Ui+1 · Jquery Ui+1

CVE-2020-28488

Related Identifiers

Affected Products

References · 3