CVE-2020-7656 vulnerability in jQuery and Other Products
Published on May 19, 2020

jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e: "</script >", which results in the enclosed script logic to be executed.

NVD

Products Associated with CVE-2020-7656

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-7656 are published in these products:

jQuery

Oracle Peoplesoft Enterprise Peopletools

NetApp Snap Creator Framework

NetApp Cloud Backup

NetApp Oncommand System Manager

NetApp Active Iq Unified Manager

Juniper Networks Junos

Exploit Probability

EPSS

1.20%

Percentile

78.66%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-7656 vulnerability in jQuery and Other ProductsPublished on May 19, 2020

Products Associated with CVE-2020-7656

Exploit Probability

CVE-2020-7656 vulnerability in jQuery and Other Products
Published on May 19, 2020