PT-2024-40348 · Jquery · Jquery

Published 2024-06-05 · Updated 2024-06-05

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

jQuery versions 1.0.3 through 3.4.1
jQuery versions prior to 3.5.0

Description

The issue allows execution of untrusted code when HTML from untrusted sources is passed to jQuery's DOM manipulation methods, such as .html() or .append(), even after sanitization.

Recommendations

For jQuery versions 1.0.3 through 3.4.1, update to version 3.5.0 or later to resolve the issue. For jQuery versions prior to 3.5.0, update to version 3.5.0 or later to resolve the issue.
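To act on the recommendation, the added example below (not part of the original advisory) walks an npm lockfile and reports every bundled jQuery copy that is prior to 3.5.0, including copies nested under other packages. The lockfile layout (the npm v2/v3 "packages" map), the sample data and all function names are assumptions made for illustration.

```javascript
// Added example: find jQuery copies prior to 3.5.0 in an npm lockfile.
const FIXED = [3, 5, 0]; // first fixed release according to this advisory

// Parse "major.minor[.patch][-prerelease]"; returns null if unparseable.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)(?:\.(\d+))?(?:-([0-9A-Za-z.-]+))?(?:\+.*)?$/
    .exec(String(v).trim());
  if (!m) return null;
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3] || 0)], pre: m[4] || null };
}

// true = prior to 3.5.0, false = 3.5.0 or later, null = could not parse.
// Assumption: a pre-release of 3.5.0 itself (e.g. "3.5.0-rc.1") sorts before
// the release, so it is reported as affected.
function isAffected(version) {
  const p = parseVersion(version);
  if (!p) return null;
  for (let i = 0; i < 3; i++) {
    if (p.nums[i] !== FIXED[i]) return p.nums[i] < FIXED[i];
  }
  return p.pre !== null;
}

// Check every lockfile entry, including nested node_modules copies.
function findAffectedJquery(lock) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (!/(^|\/)node_modules\/jquery$/.test(path)) continue;
    const affected = isAffected(meta.version);
    if (affected !== false) {
      hits.push({ path, version: meta.version, needsReview: affected === null });
    }
  }
  return hits;
}

// Constructed sample lockfile, not taken from any real project.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/jquery": { version: "3.7.1" },
    "node_modules/legacy-widget/node_modules/jquery": { version: "1.12.4" },
    "node_modules/old-carousel/node_modules/jquery": { version: "3.4.1" },
    "node_modules/jquery-ui": { version: "1.13.2" },
  },
};

console.log(findAffectedJquery(sampleLock));
```

Entries whose version string cannot be parsed are returned with needsReview set to true so they can be checked by hand.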

Related Identifiers

GHSA-JMH9-6RJQ-GJH9

Affected Products

Jquery