CVE-2012-6708
Published 2018-01-18
Priority: P3 · 43 · medium · CVSS 3.0 base score 6.1
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploit prediction (EPSS): 8.63% (94.4th percentile)
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.
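As an added illustration (not code from this page, from jQuery, or from any advisory quoted here), the following models the selector-versus-HTML decision that jQuery(strInput) makes before and after 1.9.0. The two regular expressions are reproduced from memory of the jQuery 1.8.x and 1.9.0 sources (the 1.9.0 change is the one tracked in ticket #11290) and should be checked against the tagged releases; all inputs are constructed. The direction of the bug matters: a selector string that merely contains a `<...>` fragment is treated as HTML in the vulnerable versions, which is what turns the GHSA proof of concept quoted further down into script execution once the attribute value is attacker-controlled.

```javascript
// Added example, not jQuery's own code: a model of how jQuery(strInput)
// classifies a string as HTML, an #id, or a selector before and after 1.9.0.
// Both regular expressions are reproduced from memory of jQuery 1.8.x and
// 1.9.0 (see ticket #11290); verify against the tagged releases before use.

// jQuery 1.6.3 - 1.8.x: any run of characters other than '#' and '<' may
// precede the "<...>" fragment, so HTML anywhere in the string wins.
const QUICK_EXPR_VULNERABLE = /^(?:[^#<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/;

// jQuery 1.9.0+: the HTML alternative is anchored at the start of the string.
const RQUICK_EXPR_FIXED = /^(?:(<[\w\W]+>)[^>]*|#([\w-]*))$/;

// Returns "html", "id" or "selector", mirroring the three branches of the
// jQuery constructor: HTML parsing (innerHTML), getElementById, or Sizzle.
function classify(str, re) {
  let match;
  // Both versions short-circuit strings that start with '<' and end with '>'.
  if (str.charAt(0) === "<" && str.charAt(str.length - 1) === ">" && str.length >= 3) {
    match = [null, str, null];
  } else {
    match = re.exec(str);
  }
  if (match && match[1]) return "html";
  if (match && match[2] !== undefined) return "id";
  return "selector";
}

// Constructed inputs. "attrSelector" is the GHSA proof-of-concept shape with
// an attacker-controlled attribute value; "hashInjected" shows that the
// location.hash variant was already closed by the '#' exclusion added in
// jQuery 1.6.3 (ticket #9521), so it is a selector under both rule sets.
const PAYLOAD = "<img src=x onerror=alert(1)>";
const SAMPLES = {
  plainHtml:    "<div>hello</div>",
  idSelector:   "#main",
  attrSelector: "a[href='" + PAYLOAD + "']",
  hashInjected: "#" + PAYLOAD,
};

// Classifies every sample under both rule sets. The before/after pair for
// attrSelector is the CVE: HTML parsing (and onerror) before 1.9.0, an
// ordinary selector afterwards.
function classifyAll() {
  const out = {};
  for (const [name, s] of Object.entries(SAMPLES)) {
    out[name] = {
      before: classify(s, QUICK_EXPR_VULNERABLE),
      after:  classify(s, RQUICK_EXPR_FIXED),
    };
  }
  return out;
}

if (typeof require !== "undefined" && require.main === module) {
  console.table(classifyAll());
}
```

In a vulnerable page an `html` result means the whole string is handed to the HTML parser, so the `<img>` element is created and its `onerror` handler runs; from 1.9.0 the same string reaches Sizzle as a selector and no script executes. Concatenating untrusted input into a selector is still a defect (selector injection), but it no longer yields XSS through this path.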
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jquery | jquery | < 1.9.0 | 1.9.0 |
| jquery | jquery | >= 0 < 1.9.0 | 1.9.0 |
| jquery | jquery | >= 0 < 1.7.2+dfsg-2ubuntu1+esm1 | 1.7.2+dfsg-2ubuntu1+esm1 |
| jquery | jquery | >= 0 < 1.11.3+dfsg-4ubuntu0.1~esm1 | 1.11.3+dfsg-4ubuntu0.1~esm1 |
| jquery | jquery | >= 0 < 3.2.1-1ubuntu0.1~esm1 | 3.2.1-1ubuntu0.1~esm1 |
| msrc | azl3_boost_1.83.0-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_cal10n_0.8.1.10-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_ceph_18.2.2-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_ceph_18.2.2-8_on_azure_linux_3.0 | — | — |
| msrc | azl3_fontawesome4-fonts_4.7.0-12_on_azure_linux_3.0 | — | — |
| msrc | azl3_javapackages-bootstrap_1.14.0-2_on_azure_linux_3.0 | — | — |
| msrc | azl3_mozjs_102.15.1-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_python-blinker_1.7.0-4_on_azure_linux_3.0 | — | — |
| msrc | azl3_python-tensorboard_2.16.2-6_on_azure_linux_3.0 | — | — |
| msrc | azl3_rust_1.75.0-14_on_azure_linux_3.0 | — | — |
| msrc | azl3_rust_1.86.0-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_scons_4.6.0-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_slf4j_1.7.30-6_on_azure_linux_3.0 | — | — |
| msrc | azl3_slf4j_2.0.7-1_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| ruby-lang | ruby | >= 0 < 2.5.6-r0 | 2.5.6-r0 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 6.1 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | 2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| osv | — | 6.1 | MEDIUM | — |
| vendor_msrc | — | 6.1 | MEDIUM | — |
| vendor_redhat | — | 6.1 | MEDIUM | — |
| vendor_ubuntu | — | 6.1 | MEDIUM | — |
OSV: jquery vulnerabilities
osv · 2025-07-08 · CVSS 6.1 · MEDIUM
It was discovered that jQuery did not correctly handle HTML tags. An
attacker could possibly use this issue to execute a cross-site scripting
(XSS) attack. This issue only affected Ubuntu 14.04 LTS. (CVE-2012-6708)
It was discovered that jQuery did not correctly handle unsanitized source
objects due to prototype pollution. An attacker could possibly use this
issue to execute a cross-site scripting (XSS) attack. (CVE-2019-11358)
Masato Kinugawa discovered that jQuery did not correctly sanitize certain
HTML elements. An attacker could possibly use this issue to execute a
cross-site scripting (XSS) attack. This issue only affected
Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-11022)
Masato Kinugawa discovered that jQuery did not correctly sanitize certain
HTML el
GHSA: Cross-Site Scripting in jquery
ghsa · 2020-09-01 · MEDIUM · CWE-79
Affected versions of `jquery` are vulnerable to cross-site scripting. This occurs because the main `jquery` function uses a regular expression to differentiate between HTML and selectors, but does not properly anchor the regular expression. The result is that `jquery` may interpret HTML as selectors when given certain inputs, allowing for client side code execution.
## Proof of Concept
```
// With jQuery < 1.9.0 a selector string that contains a "<...>" fragment
// after non-'#' characters is parsed as HTML instead of being passed to
// Sizzle, so an attacker-controlled attribute value such as
// <img src=x onerror=...> placed where '' stands below is executed.
$("#log").html(
  $("element[attribute='']").html()
);
```
## Recommendation
Update to version 1.9.0 or later.
OSV: Cross-Site Scripting in jquery
osv · 2020-09-01 · MEDIUM
(same advisory text and proof of concept as the GHSA entry above)
OSV: CVE-2012-6708: jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks
osv · 2018-01-18 · CVSS 6.1 · MEDIUM
(same description as the NVD entry at the top of this page)
Ubuntu: jQuery vulnerabilities
vendor_ubuntu · 2025-07-08 · CVSS 6.1 · MEDIUM
Summary: Several security issues were fixed in jQuery.
It was discovered that jQuery did not correctly handle HTML tags. An
attacker could possibly use this issue to execute a cross-site scripting
(XSS) attack. This issue only affected Ubuntu 14.04 LTS. (CVE-2012-6708)
It was discovered that jQuery did not correctly handle unsanitized source
objects due to prototype pollution. An attacker could possibly use this
issue to execute a cross-site scripting (XSS) attack. (CVE-2019-11358)
Masato Kinugawa discovered that jQuery did not correctly sanitize certain
HTML elements. An attacker could possibly use this issue to execute a
cross-site scripting (XSS) attack. This issue only affected
Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-11022)
Masato Kinugawa di
Microsoft: jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks
vendor_msrc · 2018-01-09 · CVSS 6.1 · MEDIUM · CWE-79
(same description as the NVD entry at the top of this page)
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to add
Red Hat: js-jquery: XSS via improper selector detection
vendor_redhat · 2017-03-21 · CVSS 6.1 · MEDIUM · CWE-79
(same description as the NVD entry at the top of this page)
Package: cfme-gemset (CloudForms Management Engine 5) - Not affected
Package: jquery (Red Hat 3scale API Management Platform 2) - Fix deferred
Package: i
No detection rules found.
HackerOne: Ruby is shipping a vulnerable jQuery
hackerone · 2019-10-03 · CVSS 6.1 · MEDIUM
No this isn't a report about the website!
Ruby ships Darkfish as part of RDoc
https://github.com/ruby/ruby/tree/HEAD/lib/rdoc/generator/template/darkfish
https://github.com/ruby/rdoc/tree/master/lib/rdoc/generator/template/darkfish
https://github.com/ged/darkfish
Darkfish includes jQuery v1.6.4, which is vulnerable to multiple CVEs, for example
https://nvd.nist.gov/vuln/detail/CVE-2012-6708
https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Now I'm not sure how applicable these CVEs are to the generated HTML, or how likely it is someone would use the jQuery from this file in the rest of their site accidentally by including generated HTML, but I do think it's a problem to be shipping a version of jQuery that is getting towards a decade old.
Maybe Dark
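The report above concerns a bundled copy (Darkfish's jQuery 1.6.4) rather than a package-manager dependency, which is exactly the kind of copy that dependency scanners miss. The following added check (not from the report, from RDoc or from jQuery) finds such copies by the version banner that jQuery's distributed builds carry at the top of the file and compares it numerically with the 1.9.0 fix version. The banner shapes and the sample file contents are constructed assumptions; the check is a heuristic (a comment that merely mentions a jQuery version also matches), so treat its output as candidates to confirm, and prefer a lockfile check wherever one exists.

```javascript
// Added example, not part of the HackerOne report, RDoc or jQuery: flag
// vendored jQuery files whose version banner is below the 1.9.0 fix.
// Banner shapes (assumed from common jQuery builds):
//   "jQuery JavaScript Library v1.6.4"   (unminified header comment)
//   "/*! jQuery v1.9.0 | (c) ... */"     (minified header comment)
const FIXED_VERSION = [1, 9, 0];
const BANNER_RE = /jQuery(?:\s+JavaScript\s+Library)?\s+v(\d+)\.(\d+)(?:\.(\d+))?/;

// Extracts [major, minor, patch] from the header comment, or null.
// Only the first 2000 characters are examined: the banner sits at the top
// of the file, and scanning the whole body raises the false-positive rate.
function parseJqueryVersion(source) {
  const m = BANNER_RE.exec(source.slice(0, 2000));
  if (!m) return null;
  return [Number(m[1]), Number(m[2]), Number(m[3] || 0)];
}

// Component-wise numeric comparison; a string compare would put 1.12 < 1.9.
function isAffected(version) {
  for (let i = 0; i < 3; i++) {
    if (version[i] !== FIXED_VERSION[i]) return version[i] < FIXED_VERSION[i];
  }
  return false; // exactly 1.9.0 carries the fix
}

// files: { path: contents }. Returns one finding per file that has a banner.
function auditSources(files) {
  const findings = [];
  for (const [path, src] of Object.entries(files)) {
    const v = parseJqueryVersion(src);
    if (v === null) continue;
    findings.push({ path, version: v.join("."), affected: isAffected(v) });
  }
  return findings;
}

// The same check against real paths on disk.
function auditPaths(paths) {
  const fs = require("fs");
  const files = {};
  for (const p of paths) files[p] = fs.readFileSync(p, "utf8");
  return auditSources(files);
}

// Constructed stand-ins for files; the first mimics the Darkfish copy.
const SAMPLE_FILES = {
  "darkfish/js/jquery.js":
    "/*!\n * jQuery JavaScript Library v1.6.4\n * http://jquery.com/\n */\n(function(){})();",
  "vendor/jquery.min.js":
    "/*! jQuery v1.9.0 | (c) 2005, 2012 jQuery Foundation, Inc. */ !function(){}();",
  "vendor/jquery-3.js":
    "/*! jQuery v3.2.1 | (c) JS Foundation and other contributors */",
  "app/main.js":
    "document.querySelector('#x');",
};

if (typeof require !== "undefined" && require.main === module) {
  const args = process.argv.slice(2);
  console.table(args.length ? auditPaths(args) : auditSources(SAMPLE_FILES));
}
```

Run it with no arguments to see the constructed samples, or pass file paths (for example the output of `find . -name 'jquery*.js'`) to audit a checkout; the 1.9.0 threshold covers this CVE only, and the later jQuery advisories listed in the Ubuntu notice above have their own fix versions.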
Bugzilla: CVE-2012-6708 python-XStatic-jQuery: js-jquery: XSS via improper selector detection [fedora-all]
bugzilla · 2018-06-15 · CVSS 6.1 · MEDIUM
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple
Bugzilla: CVE-2012-6708 python-XStatic-jQuery: js-jquery: XSS via improper selector detection [epel-7]
bugzilla · 2018-06-15 · CVSS 6.1 · MEDIUM
(automatically created tracking bug for epel-7; same template text as the fedora-all tracker above)
Bugzilla: CVE-2012-6708 rubygem-jquery-rails: js-jquery: XSS via improper selector detection [fedora-all]
bugzilla · 2018-06-15 · CVSS 6.1 · MEDIUM
(automatically created tracking bug for fedora-all; same template text as the first tracker above)
Bugzilla: CVE-2012-6708 js-jquery: XSS via improper selector detection
bugzilla · 2018-06-15 · CVSS 6.1 · MEDIUM
Affected versions of jquery are vulnerable to cross-site scripting. This occurs because the main jquery function uses a regular expression to differentiate between HTML and selectors, but does not properly anchor the regular expression. The result is that jquery may interpret HTML as selectors when given certain inputs, allowing for client side code execution.
References:
https://bugs.jquery.com/ticket/11290
https://bugs.jquery.com/ticket/12531
https://bugs.jquery.com/ticket/6429
https://bugs.jquery.com/ticket/9521
https://nodesecurity.io/advisories/329
Discussion:
Created js-jquery tracking bugs for this issue:
Affects: fedora-all [bug 1591846]
Created js-jquery1 tracking bugs for this issue:
Affects: fedora-all [bug 15
Bugzilla: CVE-2012-6708 js-jquery: XSS via improper selector detection [fedora-all]
bugzilla · 2018-06-15 · CVSS 6.1 · MEDIUM
(automatically created tracking bug for fedora-all; same template text as the first tracker above)
Bugzilla: CVE-2012-6708 python-tw2-jquery: js-jquery: XSS via improper selector detection [epel-all]
bugzilla · 2018-06-15 · CVSS 6.1 · MEDIUM
(automatically created tracking bug for epel-all; same template text as the first tracker above)
Bugzilla: CVE-2012-6708 js-jquery1: js-jquery: XSS via improper selector detection [fedora-all]
bugzilla · 2018-06-15 · CVSS 6.1 · MEDIUM
(automatically created tracking bug for fedora-all; same template text as the first tracker above)
Bugzilla: CVE-2012-6708 python-tw2-jquery: js-jquery: XSS via improper selector detection [fedora-all]
bugzilla · 2018-06-15 · CVSS 6.1 · MEDIUM
(automatically created tracking bug for fedora-all; same template text as the first tracker above)
Bugzilla: CVE-2012-6708 js-jquery2: js-jquery: XSS via improper selector detection [fedora-all]
bugzilla · 2018-06-15 · CVSS 6.1 · MEDIUM
(automatically created tracking bug for fedora-all; same template text as the first tracker above)
References
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html
http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html
http://packetstormsecurity.com/files/161972/Linksys-EA7500-2.0.8.194281-Cross-Site-Scripting.html
http://www.securityfocus.com/bid/102792
https://bugs.jquery.com/ticket/11290
https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d
https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
https://snyk.io/vuln/npm:jquery:20120206