cross-site scripting

Posts with tag cross-site scripting

Attack prototypes already present

jQuery below 3.5.0 vulnerable to cross-site scripting

All jQuery versions below 3.5.0 are vulnerable to cross-site scripting (XSS) attacks. If exploited successfully, an attacker can trick the user’s browser to render a malicious page or hijack a user session. It is even possible to execute remote code. It is recommended to update to jQuery >= 3.5.0