Contents

---
gem: jquery-ui-rails
framework: rails
cve: 2016-7103
date: 2016-08-27
url: https://github.com/jquery/api.jqueryui.com/issues/281
title: XSS Vulnerability on closeText option of Dialog jQuery UI

description: |
  Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might
  allow remote attackers to inject arbitrary web script or HTML via the
  closeText parameter of the dialog function.

cvss_v2: 4.3
cvss_v3: 6.1

patched_versions:
  - ">= 6.0.0"

related:
  url:
    - https://github.com/jquery/jquery-ui/pull/1635
    - https://github.com/jquery-ui-rails/jquery-ui-rails/blob/master/History.md#600

Version data entries

1 entries across 1 versions & 1 rubygems

Version	Path
bundler-audit-0.7.0.1	data/ruby-advisory-db/gems/jquery-ui-rails/CVE-2016-7103.yml