jQuery Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2018-18405 - Vulnerability Database
jQuery Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2018-18405
Medium
Reference:
CVE-2018-18405
Title:
jQuery Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:
DISPUTED jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be spam entry.