Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-8784

JQuery 1.2 < 3.5.0 Multiple XSS

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False

      Description

      According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.

      Note, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios required for successful exploitation do not exist on devices running a PAN-OS release.
       

      Solution

      Upgrade to JQuery version 3.5.0 or later.
       

      See Also

      https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
      https://security.paloaltonetworks.com/PAN-SA-2020-0007
       

      Output

       

      Reference Information

      CISA-KNOWN-EXPLOITED:  2025/02/13
      CEA-ID:  CEA-2021-0004, CEA-2021-0025
      IAVB:  2020-B-0030
      CVE:  CVE-2020-11022, CVE-2020-11023

              Unassigned Unassigned
              rh-ee-trgreene Trevon Greene
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: