IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [jquery]

jQuery is a JavaScript library used for DOM manipulation.

38 questions
38
votes
5 answers

Is it really Security Misconfiguration to show a version number?

Our web application uses a HTML file with jQuery embedded inside. According to the jQuery license (https://jquery.org/license/), we have to leave the license header intact, including the version number. Our client reported exposure of the product…
stormtrooper
  • 481
  • 1
  • 4
  • 4
27
votes
1 answer

What is meant by "Vulnerable with: css class selector" for JQuery?

I'm mostly a beginner in cybersecurity. I came across this the other day about how JQuery 1.3.2 is vulnerable to CSS Selectors and Location Hash (source). I understand how XSS works and I know what CSS selectors are. But I don't really understand…
Akhil
  • 403
  • 5
  • 10
13
votes
4 answers

Is XSS possible with jQuery(location.hash)?

Is it possible to exploit XSS in the following code? jQuery(window.location.hash) It seems to me that window.location.hash always starts with a hash #, and modern jQuery always interpretes this as an ID selector. Is this correct?
Sjoerd
  • 28,707
  • 12
  • 74
  • 102
10
votes
1 answer

XSS with escaped equal sign inside jQuery selector

Web-site uses jQuery 1.8.3 which has known XSS vulnerability in selector. (https://snyk.io/vuln/npm:jquery:20120206). It passes filtered and urldecoded document.location.hash (val2 below) value inside…
Alex Velickiy
  • 211
  • 1
  • 5
9
votes
3 answers

Is Content Security Policy only enforced during initial rendering?

Is CSP enforced only during initial rendering, meaning there is no continuous coverage after your document loads? Here is an example of what I'm talking about: Let's say your page, example.com, has some JS that takes the url parameter name and…
Andrew Schmitt
  • 195
  • 1
  • 8
7
votes
3 answers

Exploiting XSS in jQuery without equal character?

This is some vulnerable JavaScript code: $(document).ready(function(){ var payload = unescape(document.location.hash.substr(1)); $(payload); document.body.innerText = "The payload is: " + payload; }); When I tried exploiting it with…
AlmightyGoat
  • 71
  • 1
  • 3
6
votes
1 answer

DOM Based XSS and Adding HTML Elements

So as a rule of thumb I once learned that adding or removing HTML with JavaScript/JQuery (.html(),.append(), etc) leaves yourself wide open for DOM Based XSS Attacks. It is now my understanding that this is not 100% true. Supposedly there is a…
FamousAv8er
  • 299
  • 1
  • 8
6
votes
2 answers

Is this codes usage of document.location.toString() a DOM based XSS vulnerability?

I have come across the following JS code in multiple web applications. I think the reason for the popularity of this code snippet is this accepted answer on SO. Developers seem to be using this code a lot of switching menu tabs: var url =…
Rahil Arora
  • 4,259
  • 2
  • 23
  • 41
5
votes
1 answer

jquery.js Dynamic Code Evaluation: Code Injection on setTimeout() line

I am working on fixing a potential security issue. I ran my HP fortify SCA and I got a critical priority report on my jquery.js file. Category : Dynamic Code Evaluation: Code Injection (3 Issues). I looked at the source code and it turns out to be…
A1a5h3
  • 53
  • 1
  • 1
  • 3
4
votes
3 answers

How to audit JavaScript written by someone else before including it on my site?

I want to include a feature to add a sort function on an HTML table on my site, using the tablesorter library. I would be using this on a part of the site that requires a login to access data. But I am worried the library might sneak in malware or…
Don85203
  • 43
  • 4
4
votes
1 answer

Is there a base version of jQuery which has no XSS vulnerability?

I am working on an enterprise project and we have a upcoming new release. The security team runs a security scan, in that vulnerability report there is one point that I am struggling with. The project uses jQuery 1.4.x and it causes a XSS…
Deniz Gökçe
  • 43
  • 1
  • 1
  • 4
3
votes
1 answer

Is there a way to exploit jquery 1.12.4 vulnerability?

According to https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=jquery+1.12.4 and https://snyk.io/test/npm/jquery/1.12.4, I see that jQuery 1.12.4 has medium serevrity vulnerability. I checked on exploit-db and searchsploit to see if there's known…
idkn
  • 133
  • 1
  • 1
  • 3
3
votes
3 answers

Are jQuery vulnerabilities exposed by the file being served from the server of by usage of the vulnerable code?

I've recently been asked to update a legacy web application, installed on numerous client servers, to use the current version of jQuery 3.3.1, rather than 1.10.2 which has a number of vulnerabilities. Do I need to simply update the version used by…
Ted
  • 133
  • 5
3
votes
2 answers

Is there a possability to inject XSS into the jQuery attr function?

I was wondering if this function would be vulnerable to XSS. var url = "google.com"; if (url.indexOf("http") != 0) { url = "http://" + url; } $("").attr("href", url); The 'url' is user input, and the would be placed on some…
Rob
  • 143
  • 1
  • 6
3
votes
1 answer

How to handle 3rd party vulnerable code?

We have recently done a static analysis of our application/s, and there are few critical findings for a 3rd party code i.e. jquery and swagger UI. What are security best practices in this case to mitigate the risk?
wonder
  • 103
  • 6
1
2 3