CVE-2010-5312
Severity
6.1MEDIUM
EPSS
5.2%
top 10.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 24
Latest updateJan 19
Description
Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7
Affected Packages8 packages
Also affects: Debian Linux 7.0, 9.0, Fedora 35, 36
Patches
🔴Vulnerability Details
4📋Vendor Advisories
3💬Community
68Bugzilla▶
CVE-2010-5312 python-werkzeug: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all]↗2014-11-21
Bugzilla▶
CVE-2010-5312 gallery3: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all]↗2014-11-21
Bugzilla▶
CVE-2010-5312 couchdb: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all]↗2014-11-21
Bugzilla▶
CVE-2010-5312 yelp-xsl: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all]↗2014-11-21
Bugzilla▶
CVE-2010-5312 wordpress: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all]↗2014-11-21