Bug Tracker

Ticket #7511 (closed bug: duplicate)

Opened 3 years ago

Last modified 3 years ago

Report of XSS in jquery.com

Reported by: h02332@…
Owned by:
Priority: undecided
Milestone: 1.5
Component: unfiled
Version: 1.4.4
Keywords:
Cc:
Blocking:
Blocked by:

Description

Report of XSS in forum.jquery.com and jquery.com, etc.

We tried to make a few private contacts but received no response. We've fingerprinted Cross Site Scripting and provide a Forum PoC:

 http://forum.jquery.com/?d53cd"><script>alert(1)</script>f59c917a6e7=1

Also provided is a jquery.com PoC:

 http://jquery.com/?d53cd"><script>alert(1)</script>f59c917a6e7=1

As noted, this can be reproduced en masse.

We'd appreciate someone from the jquery team sending us email to h02332 @ / gmail .\ com as we have a number of bugs to provide privately.

Thank You.

Hoyt LLC Research
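
The PoC URLs above carry the markup in the query parameter's name rather than its value. As an added example (not part of the ticket and not jquery.com's code), the code below assumes the page echoes the request's query string into a double-quoted attribute, and contrasts that with a renderer that re-encodes keys and values and then HTML-escapes the result. `renderLinkUnsafe`, `renderLinkSafe`, `escapeHtml` and the `/search` path are hypothetical names.

```javascript
// Added example, not jquery.com's code. Assumption: the server echoes the
// raw request query string into a double-quoted HTML attribute.

// Constructed sample request, reusing the parameter name from the ticket's PoC.
const SAMPLE_REQUEST = '/?d53cd"><script>alert(1)</script>f59c917a6e7=1';

// Escape the characters that can close a quoted attribute or open markup.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// Split off the part after '?', or return '' when there is no query.
function rawQuery(requestPath) {
  const i = requestPath.indexOf('?');
  return i === -1 ? '' : requestPath.slice(i + 1);
}

// Hypothetical vulnerable renderer: the raw query string lands in href,
// so a '"' in a parameter NAME closes the attribute.
function renderLinkUnsafe(requestPath) {
  const q = rawQuery(requestPath);
  return '<a href="/search' + (q ? '?' + q : '') + '">permalink</a>';
}

// Hardened renderer: parse the query, percent-encode every key and value,
// then HTML-escape the whole attribute value (this turns '&' into '&amp;').
function renderLinkSafe(requestPath) {
  const parts = [];
  for (const [k, v] of new URLSearchParams(rawQuery(requestPath))) {
    parts.push(encodeURIComponent(k) + '=' + encodeURIComponent(v));
  }
  const q = parts.length ? '?' + parts.join('&') : '';
  return '<a href="' + escapeHtml('/search' + q) + '">permalink</a>';
}

console.log(renderLinkUnsafe(SAMPLE_REQUEST));
console.log(renderLinkSafe(SAMPLE_REQUEST));
```

Escaping only parameter values would leave this input untouched, since the markup sits in the key.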

Change History

comment:1 Changed 3 years ago by dmethvin

  • Status changed from new to closed
  • Resolution set to duplicate

comment:2 Changed 3 years ago by dmethvin

Duplicate of #7509.

Please follow the bug reporting guidelines and use jsFiddle when providing test cases and demonstrations instead of pasting the code in the ticket.
