jQuery selector XSS
Apr 20, 20161 answer
What is meant by "Vulnerable with: css class selector" for JQuery?
Nov 13, 2017
Is XSS possible with jQuery(location.hash)?
Jan 10, 2018
Is this code vulnerable to dom based XSS? [duplicate]
Dec 20, 2018
XSS with escaped equal sign inside jQuery selector
Jan 11, 2019
More results from security.stackexchange.com
May 4, 20171 answer
I am testing a web application that is sporting JQuery version 1.7.2, which I found out is vulnerable to DOM-based XSS with class Attribute ('.XSS_VECTOR') ...
This lab contains a DOM-based cross-site scripting vulnerability on the home page. It uses jQuery's $() selector function to auto-scroll to a given post, ...
Apr 13, 2020 — Fix medium severity Cross-site Scripting (XSS) vulnerability affecting jquery package, versions >=1.5.1 <3.5.0.
hash)" expected CSS selector in many case, but this code also can create html element. the quick patch by jquery is here - quickExpr = /^(?:[^<]*(<[\w\W]+> ...
Version: → 1.6.1
List of all jQuery versions vulnerable to class selector XSS. These jQuery libraries cause DOM XSS when a user controlled value is passed as a the class ...
Aug 18, 2013 — Methods other than html() also accept a selector string, DOM element, or jQuery reference as well, but those are less problematic. We decided to ...