Side navigation
#7516 closed bug (duplicate)
Opened November 14, 2010 10:07PM UTC
Closed November 14, 2010 11:34PM UTC
Last modified November 14, 2010 11:34PM UTC
Report of XSS in jquery.com
| Reported by: | 999634f9e0072c5b9348e070 | Owned by: | |
|---|---|---|---|
| Priority: | undecided | Milestone: | 1.5 |
| Component: | unfiled | Version: | 1.4.4 |
| Keywords: | Cc: | ||
| Blocked by: | Blocking: |
Description
Report of XSS in forum.query.com and jquery.com, etc.
We tried to make a few private contacts but received no response. We've fingerprinted Cross Site Scripting and provide a Forum Poc:
http://forum.jquery.com/?d53cd"><script>alert(1)</script>f59c917a6e7=1
Also provided is a jquery.com PoC:
http://jquery.com/?d53cd"><script>alert(1)</script>f59c917a6e7=1
As noted, this can be reproduced en mass.
We'd appreciate someone from the jquery team sending us email to h02332 \\\\@\\\\/ gmail \\\\.//\\ com as we have a number of bugs to provide privately.
Thank You.
Hoyt LLC Research