Vulnerability Database


CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources, even after sanitizing it, to one of jQuery's DOM manipulation methods (e.g. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. Note that sanitizing the string before handing it to jQuery is not a reliable mitigation here: the markup is re-processed by jQuery's own manipulation code before it is inserted, so the only dependable fix is upgrading to 3.5.0 or later (the same release also addresses the related CVE-2020-11022 in jQuery.htmlPrefilter).

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
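A small triage helper, added here as an example (it is not part of this database entry and not jQuery's own code), that decides whether a jQuery build falls inside the affected range stated above (>= 1.0.3 and < 3.5.0) and pulls the version out of a distribution file's banner comment. The sample file contents are constructed to resemble real jQuery release banners; the file names and the `triage` function are assumptions for illustration.

```javascript
// Added example for CVE-2020-11023 triage; not from the vulnerability database
// entry or from jQuery. Affected range per the advisory text: >= 1.0.3, < 3.5.0.
const AFFECTED_FROM = "1.0.3";
const FIXED_IN = "3.5.0";

// Parse "3.4.1", "1.12.4" or "3.5.0-rc1" into numeric parts plus an optional
// pre-release tag. A missing patch number (e.g. "1.1") is treated as 0.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)(?:\.(\d+))?(?:-([0-9A-Za-z.]+))?$/.exec(v.trim());
  if (!m) throw new Error(`unrecognised version string: ${v}`);
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3] || 0)], pre: m[4] || null };
}

// Numeric comparison of the three parts; a pre-release sorts before the
// corresponding release, so 3.5.0-rc1 < 3.5.0 and is still inside the
// affected range (the conservative choice for triage).
function compareVersions(a, b) {
  const pa = parseVersion(a), pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa.nums[i] !== pb.nums[i]) return pa.nums[i] < pb.nums[i] ? -1 : 1;
  }
  if (pa.pre === pb.pre) return 0;
  if (pa.pre === null) return 1;
  if (pb.pre === null) return -1;
  return pa.pre < pb.pre ? -1 : 1;
}

function isAffected(version) {
  return compareVersions(version, AFFECTED_FROM) >= 0 &&
         compareVersions(version, FIXED_IN) < 0;
}

// jQuery release files carry a banner such as "/*! jQuery v3.4.1 | ..." (minified)
// or " * jQuery JavaScript Library v1.12.4" (unminified). Returns null when no
// banner is present, e.g. when a bundler stripped comments; in that case fall
// back to reading jQuery.fn.jquery at runtime instead.
function extractJqueryVersion(source) {
  const m = /jQuery(?:\s+JavaScript\s+Library)?\s+v(\d+\.\d+(?:\.\d+)?(?:-[0-9A-Za-z.]+)?)/.exec(source);
  return m ? m[1] : null;
}

// Constructed sample inputs (assumed file names, banner text modelled on real builds).
const SAMPLES = {
  "jquery-3.4.1.min.js": "/*! jQuery v3.4.1 | (c) JS Foundation and other contributors | jquery.org/license */",
  "jquery-1.12.4.js": "/*!\n * jQuery JavaScript Library v1.12.4\n * http://jquery.com/\n */",
  "jquery-3.5.0.min.js": "/*! jQuery v3.5.0 | (c) JS Foundation and other contributors | jquery.org/license */",
  "vendor.bundle.js": "(function(){ /* no jQuery here */ })();",
};

// Map each file to a one-line verdict. Hypothetical helper name.
function triage(files) {
  const report = {};
  for (const [name, src] of Object.entries(files)) {
    const v = extractJqueryVersion(src);
    if (v === null) report[name] = "no jQuery version found";
    else report[name] = isAffected(v) ? `VULNERABLE (${v})` : `ok (${v})`;
  }
  return report;
}

console.log(triage(SAMPLES));
```

On a live page the same check is `isAffected(jQuery.fn.jquery)` in the browser console. A version number outside the range is not proof of safety on its own: distribution packages (see the Debian and Fedora rows below) and vendor bundles sometimes backport the fix without bumping the upstream version, so confirm against the package's own changelog or advisory.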
Affected software (vendor / product | From | Fixed in)
Where the last column reads N.x, the entry records the affected release line for that product rather than a fixed version; a dash in the From column means no lower bound was recorded.

jquery / jquery | 1.0.3 | 3.5.0
debian / debian_linux | 9.0 | 9.0.x
fedoraproject / fedora | 31 | 31.x
fedoraproject / fedora | 32 | 32.x
fedoraproject / fedora | 33 | 33.x
drupal / drupal | 7.0 | 7.70
drupal / drupal | 8.7.0 | 8.7.14
drupal / drupal | 8.8.0 | 8.8.6
oracle / weblogic_server | 12.1.3.0.0 | 12.1.3.0.0.x
oracle / hyperion_financial_reporting | 11.1.2.4 | 11.1.2.4.x
oracle / weblogic_server | 12.2.1.3.0 | 12.2.1.3.0.x
oracle / webcenter_sites | 12.2.1.3.0 | 12.2.1.3.0.x
oracle / application_testing_suite | 13.3.0.1 | 13.3.0.1.x
oracle / communications_operations_monitor | 3.4 | 3.4.x
oracle / weblogic_server | 12.2.1.4.0 | 12.2.1.4.0.x
oracle / webcenter_sites | 12.2.1.4.0 | 12.2.1.4.0.x
oracle / weblogic_server | 14.1.1.0.0 | 14.1.1.0.0.x
oracle / communications_interactive_session_recorder | 6.1 | 6.4.x
oracle / communications_element_manager | 8.2.0 | 8.2.0.x
oracle / communications_element_manager | 8.2.1 | 8.2.1.x
oracle / communications_element_manager | 8.1.1 | 8.1.1.x
oracle / application_express | - | 20.2
oracle / rest_data_services | 12.2.0.1 | 12.2.0.1.x
oracle / rest_data_services | 12.1.0.2 | 12.1.0.2.x
oracle / rest_data_services | 11.2.0.4 | 11.2.0.4.x
oracle / rest_data_services | 18c | 18c.x
oracle / rest_data_services | 19c | 19c.x
oracle / communications_services_gatekeeper | 7.0 | 7.0.x
oracle / storagetek_tape_analytics_sw_tool | 2.3.1 | 2.3.1.x
oracle / communications_session_report_manager | 8.1.1 | 8.1.1.x
oracle / communications_session_report_manager | 8.2.0 | 8.2.0.x
oracle / communications_session_report_manager | 8.2.1 | 8.2.1.x
oracle / communications_session_route_manager | 8.1.1 | 8.1.1.x
oracle / communications_session_route_manager | 8.2.0 | 8.2.0.x
oracle / communications_session_route_manager | 8.2.1 | 8.2.1.x
oracle / primavera_gateway | 16.2 | 16.2.11.x
oracle / primavera_gateway | 17.12.0 | 17.12.7.x
oracle / siebel_mobile | - | 20.12.x
oracle / peoplesoft_enterprise_human_capital_management_resources | 9.2 | 9.2.x
oracle / financial_services_regulatory_reporting_for_de_nederlandsche_bank | 8.0.4 | 8.0.4.x
oracle / jd_edwards_enterpriseone_tools | - | 9.2.5.0
oracle / banking_enterprise_collections | 2.7.0 | 2.8.0.x
oracle / jd_edwards_enterpriseone_orchestrator | - | 9.2.5.0
oracle / banking_platform | 2.4.0 | 2.10.0.x
oracle / primavera_gateway | 19.12.0 | 19.12.4.x
oracle / primavera_gateway | 18.8.0 | 18.8.9.x
oracle / communications_operations_monitor | 4.1 | 4.3.x
oracle / communications_analytics | 12.1.1 | 12.1.1.x
oracle / healthcare_translational_research | 3.3.1 | 3.3.1.x
oracle / healthcare_translational_research | 3.3.2 | 3.3.2.x
oracle / healthcare_translational_research | 3.4.0 | 3.4.0.x
oracle / healthcare_translational_research | 3.2.1 | 3.2.1.x
oracle / oss_support_tools | - | 2.12.41
oracle / financial_services_revenue_management_and_billing_analytics | 2.7 | 2.7.x
oracle / financial_services_revenue_management_and_billing_analytics | 2.8 | 2.8.x
oracle / health_sciences_inform | 6.3.0 | 6.3.0.x
oracle / business_intelligence | 5.9.0.0.0 | 5.9.0.0.0.x
oracle / communications_eagle_application_processor | 16.1.0 | 16.4.0.x
oracle / storagetek_acsls | 8.5.1 | 8.5.1.x
netapp / oncommand_system_manager | 3.0 | 3.1.3.x
tenable / log_correlation_engine | - | 6.0.9
oracle / blockchain_platform | 21.1.2 | 21.1.2.x
oracle / blockchain_platform | - | 21.1.2