CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

Yangiliklar CVE Tracker Exploitlar Hujumlar Xarita

CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

O'zbek tilidagi kiberxavfsizlik portali. Yangiliklar, CVE tracker, hujumlar bazasi.

Yangiliklar

Barcha yangiliklar
Hujumlar
Zayifliklar
O'zbekiston
Jahon

Asboblar

CVE Tracker
Exploit DB
Hujumlar bazasi
Threat xarita

Loyiha

Biz haqimizda

© 2026 CyberNewsUz. Barcha huquqlar himoyalangan.

CVE Tracker ga qaytish

CVE-2020-11022

O'rtacha(6.9)

1.12.0 dan boshlangan va 3.5.0 dan oldingi jQuery'da HTMLni ishonchsiz manbalardan (hatto uni tozalashdan keyin ham) jQuery DOM manipulyatsiya usullaridan biriga (masalan, .html(), .append() va boshqalar) o'tkazish ishonchsiz kodni ishga tushirishi mumkin. Bu muammo jQuery 3.5.0 da tuzatilgan.

Vendor

Jquery

Product

Jquery

CVSS Score

6.9

Nashr sanasi

29-apr, 2020

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N

Manbalar

http://security.netapp.com/advisory/ntap-20200511-0006
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released
https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77
https://github.com/jquery/jquery/releases/tag/3.5.0
https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2

CVE-2020-11022 | CyberNewsUz | CyberNewsUz