Skip to main content

Bug Tracker

Side navigation

#7515 closed bug (duplicate)

Opened November 14, 2010 10:07PM UTC

Closed November 14, 2010 11:33PM UTC

Last modified November 14, 2010 11:33PM UTC

Report of XSS in jquery.com

Reported by: h02332@gmail.com Owned by:
Priority: undecided Milestone: 1.5
Component: unfiled Version: 1.4.4
Keywords: Cc:
Blocked by: Blocking:
Description

Report of XSS in forum.query.com and jquery.com, etc.

We tried to make a few private contacts but received no response. We've fingerprinted Cross Site Scripting and provide a Forum Poc:

http://forum.jquery.com/?d53cd"><script>alert(1)</script>f59c917a6e7=1

Also provided is a jquery.com PoC:

http://jquery.com/?d53cd"><script>alert(1)</script>f59c917a6e7=1

As noted, this can be reproduced en mass.

We'd appreciate someone from the jquery team sending us email to h02332 \\\\@\\\\/ gmail \\\\.//\\ com as we have a number of bugs to provide privately.

Thank You.

Hoyt LLC Research

999634f95055b1ca532811ce

Attachments (0)
Change History (2)

Changed November 14, 2010 11:33PM UTC by dmethvin comment:1

resolution: → duplicate
status: newclosed

Changed November 14, 2010 11:33PM UTC by dmethvin comment:2

Duplicate of #7509.