CVE-2020-11023 | AttackerKB

Description

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources – even after sanitizing it – to one of jQuery’s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

6.1 Medium

Impact Score:

2.7

Exploitability Score:

2.8

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

None

User Interaction (UI):

Required

Scope (S):

Changed

Confidentiality (C):

Low

Integrity (I):

Low

Availability (A):

None

Vendors

debian,
drupal,
fedoraproject,
jquery,
netapp,
oracle,
tenable

Products

application express,
application testing suite 13.3.0.1,
banking enterprise collections,
banking platform,
business intelligence 5.9.0.0.0,
communications analytics 12.1.1,
communications eagle application processor,
communications element manager 8.1.1,
communications element manager 8.2.0,
communications element manager 8.2.1,
communications interactive session recorder,
communications operations monitor,
communications operations monitor 3.4,
communications services gatekeeper 7.0,
communications session report manager 8.1.1,
communications session report manager 8.2.0,
communications session report manager 8.2.1,
communications session route manager 8.1.1,
communications session route manager 8.2.0,
communications session route manager 8.2.1,
debian linux 9.0,
drupal,
fedora 31,
fedora 32,
fedora 33,
financial services regulatory reporting for de nederlandsche bank 8.0.4,
financial services revenue management and billing analytics 2.7,
financial services revenue management and billing analytics 2.8,
h300e firmware -,
h300s firmware -,
h410c firmware -,
h410s firmware -,
h500e firmware -,
h500s firmware -,
h700e firmware -,
h700s firmware -,
health sciences inform 6.3.0,
healthcare translational research 3.2.1,
healthcare translational research 3.3.1,
healthcare translational research 3.3.2,
healthcare translational research 3.4.0,
hyperion financial reporting 11.1.2.4,
jd edwards enterpriseone orchestrator,
jd edwards enterpriseone tools,
jquery,
log correlation engine,
max data -,
oncommand insight -,
oncommand system manager,
oss support tools,
peoplesoft enterprise human capital management resources 9.2,
primavera gateway,
rest data services 11.2.0.4,
rest data services 12.1.0.2,
rest data services 12.2.0.1,
rest data services 18c,
rest data services 19c,
siebel mobile,
snap creator framework -,
snapcenter server -,
storagetek acsls 8.5.1,
storagetek tape analytics sw tool 2.3.1,
webcenter sites 12.2.1.3.0,
webcenter sites 12.2.1.4.0,
weblogic server 12.1.3.0.0,
weblogic server 12.2.1.3.0,
weblogic server 12.2.1.4.0,
weblogic server 14.1.1.0.0

Exploited in the Wild

Reported by:

gwillcox-r7 indicated source as News Article or Blog (https://cybersecurityworks.com/patchwatch/july-oracle-patches-342-security-vulnerabilities.html)

Reported: July 20, 2022 1:31pm UTC (1 year ago)

Dark58254341

Reported: September 28, 2022 5:09pm UTC (1 year ago)

samboonruang indicated source as Threat Feed

Reported: October 20, 2023 7:52am UTC (5 months ago)

References

Canonical

CVE-2020-11023 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023)

Advisory

DSA-4693 (https://www.debian.org/security/2020/dsa-4693)

FEDORA-2020-36d2db5f51 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K)

https://security.netapp.com/advisory/ntap-20200511-0006

https://www.drupal.org/sa-core-2020-002

https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html

GLSA-202007-03 (https://security.gentoo.org/glsa/202007-03)

http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html

[hive-issues] 20200813 [jira] [Assigned] (HIVE-24039) update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E)

[hive-dev] 20200813 [jira] [Created] (HIVE-24039) update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E)

[hive-issues] 20200813 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E)

[hive-gitbox] 20200813 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E)

[hive-issues] 20200902 [jira] [Work started] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/radcb2aa874a79647789f3563fcbbceaf1045a029ee8806b59812a8ea@%3Cissues.hive.apache.org%3E)

[hive-issues] 20200902 [jira] [Commented] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/rd38b4185a797b324c8dd940d9213cf99fcdc2dbf1fc5a63ba7dee8c9@%3Cissues.hive.apache.org%3E)

[hive-issues] 20200902 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/r6e97b37963926f6059ecc1e417721608723a807a76af41d4e9dbed49@%3Cissues.hive.apache.org%3E)

[hive-issues] 20200902 [jira] [Comment Edited] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/rb69b7d8217c1a6a2100247a5d06ce610836b31e3f5d73fc113ded8e7@%3Cissues.hive.apache.org%3E)

[hive-issues] 20200904 [jira] [Assigned] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/r4aadb98086ca72ed75391f54167522d91489a0d0ae25b12baa8fc7c5@%3Cissues.hive.apache.org%3E)

[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/ra374bb0299b4aa3e04edde01ebc03ed6f90cf614dad40dd428ce8f72@%3Cgitbox.hive.apache.org%3E)

[hive-gitbox] 20200911 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/rb25c3bc7418ae75cba07988dafe1b6912f76a9dd7d94757878320d61@%3Cgitbox.hive.apache.org%3E)

[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh closed pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/rf1ba79e564fe7efc56aef7c986106f1cf67a3427d08e997e088e7a93@%3Cgitbox.hive.apache.org%3E)

[hive-gitbox] 20200912 [GitHub] [hive] rajkrrsingh opened a new pull request #1403: Hive 24039 : Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/ra32c7103ded9041c7c1cb8c12c8d125a6b2f3f3270e2937ef8417fac@%3Cgitbox.hive.apache.org%3E)

FEDORA-2020-fbb94073a1 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B)

FEDORA-2020-0b32a59b54 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY)

[hive-issues] 20200915 [jira] [Resolved] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/ra406b3adfcffcb5ce8707013bdb7c35e3ffc2776a8a99022f15274c6@%3Cissues.hive.apache.org%3E)

[hive-commits] 20200915 [hive] branch master updated: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023 (#1403) (https://lists.apache.org/thread.html/rab82dd040f302018c85bd07d33f5604113573514895ada523c3401d9@%3Ccommits.hive.apache.org%3E)

[hive-issues] 20200915 [jira] [Work logged] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/r6c4df3b33e625a44471009a172dabe6865faec8d8f21cac2303463b1@%3Cissues.hive.apache.org%3E)

[hive-gitbox] 20200915 [GitHub] [hive] kgyrtkirk merged pull request #1403: HIVE-24039 : Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/r1fed19c860a0d470f2a3eded12795772c8651ff583ef951ddac4918c@%3Cgitbox.hive.apache.org%3E)

[hive-issues] 20200915 [jira] [Updated] (HIVE-24039) Update jquery version to mitigate CVE-2020-11023 (https://lists.apache.org/thread.html/r0593393ca1e97b1e7e098fe69d414d6bd0a467148e9138d07e86ebbb@%3Cissues.hive.apache.org%3E)

FEDORA-2020-36d2db5f51 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/)

https://security.netapp.com/advisory/ntap-20200511-0006/

FEDORA-2020-fbb94073a1 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/)

FEDORA-2020-0b32a59b54 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/)

FEDORA-2020-fe94df8c34 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/)

[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html (https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E)

[flink-issues] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler (https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E)

[flink-dev] 20201105 [jira] [Created] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler (https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E)

openSUSE-SU-2020:1888 (http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html)

[flink-issues] 20201129 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler (https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E)

[felix-dev] 20201208 [jira] [Created] (FELIX-6366) 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 (https://lists.apache.org/thread.html/r2c85121a47442036c7f8353a3724aa04f8ecdfda1819d311ba4f5330@%3Cdev.felix.apache.org%3E)

[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 (https://lists.apache.org/thread.html/r4dba67be3239b34861f1b9cfdf9dfb3a90272585dcce374112ed6e16@%3Cdev.felix.apache.org%3E)

[felix-dev] 20201208 [GitHub] [felix-dev] cziegeler merged pull request #64: FELIX-6366 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 (https://lists.apache.org/thread.html/r3702ede0ff83a29ba3eb418f6f11c473d6e3736baba981a8dbd9c9ef@%3Cdev.felix.apache.org%3E)

[felix-dev] 20201208 [GitHub] [felix-dev] abhishekgarg18 opened a new pull request #64: FELIX-6366 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 (https://lists.apache.org/thread.html/r07ab379471fb15644bf7a92e4a98cbc7df3cf4e736abae0cc7625fe6@%3Cdev.felix.apache.org%3E)

[felix-dev] 20201208 [jira] [Commented] (FELIX-6366) 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 (https://lists.apache.org/thread.html/r9e0bd31b7da9e7403478d22652b8760c946861f8ebd7bd750844898e@%3Cdev.felix.apache.org%3E)

[felix-dev] 20201208 [jira] [Assigned] (FELIX-6366) 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 (https://lists.apache.org/thread.html/rf0f8939596081d84be1ae6a91d6248b96a02d8388898c372ac807817@%3Cdev.felix.apache.org%3E)

[felix-commits] 20201208 [felix-dev] branch master updated: FELIX-6366 1.0.3 < jQuery <3.4.0 is vulnerable to CVE-2020-11023 (#64) (https://lists.apache.org/thread.html/r9006ad2abf81d02a0ef2126bab5177987e59095b7194a487c4ea247c@%3Ccommits.felix.apache.org%3E)

[felix-dev] 20201208 [jira] [Updated] (FELIX-6366) 1.0.3 < jQuery <3.5.0 is vulnerable to CVE-2020-11023 (https://lists.apache.org/thread.html/r55f5e066cc7301e3630ce90bbbf8d28c82212ae1f2d4871012141494@%3Cdev.felix.apache.org%3E)

[flink-issues] 20210209 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler (https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E)

[flink-issues] 20210209 [jira] [Comment Edited] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler (https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E)

https://www.tenable.com/security/tns-2021-02

[debian-lts-announce] 20210326 [SECURITY] [DLA 2608-1] jquery security update (https://lists.debian.org/debian-lts-announce/2021/03/msg00033.html)

[flink-issues] 20210422 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler (https://lists.apache.org/thread.html/ree3bd8ddb23df5fa4e372d11c226830ea3650056b1059f3965b3fce2@%3Cissues.flink.apache.org%3E)

[flink-issues] 20210422 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler (https://lists.apache.org/thread.html/rede9cfaa756e050a3d83045008f84a62802fc68c17f2b4eabeaae5e4@%3Cissues.flink.apache.org%3E)

[flink-issues] 20210429 [jira] [Commented] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler (https://lists.apache.org/thread.html/r54565a8f025c7c4f305355fdfd75b68eca442eebdb5f31c2e7d977ae@%3Cissues.flink.apache.org%3E)

[flink-issues] 20210429 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler (https://lists.apache.org/thread.html/re4ae96fa5c1a2fe71ccbb7b7ac1538bd0cb677be270a2bf6e2f8d108@%3Cissues.flink.apache.org%3E)

https://www.tenable.com/security/tns-2021-10

[flink-issues] 20211031 [jira] [Updated] (FLINK-20014) Resolve CVE-2020-11022 and CVE-2020-11023 in scala-compiler (https://lists.apache.org/thread.html/r0483ba0072783c2e1bfea613984bfb3c86e73ba8879d780dc1cc7d36@%3Cissues.flink.apache.org%3E)

[debian-lts-announce] 20230831 [SECURITY] [DLA 3551-1] otrs2 security update (https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html)

Miscellaneous

https://www.oracle.com/security-alerts/cpujul2020.html

https://jquery.com/upgrade-guide/3.5

https://blog.jquery.com/2020/04/10/jquery-3-5-0-released

https://jquery.com/upgrade-guide/3.5/

https://www.oracle.com/security-alerts/cpuoct2020.html

https://www.oracle.com/security-alerts/cpujan2021.html

http://packetstormsecurity.com/files/162160/jQuery-1.0.3-Cross-Site-Scripting.html

https://www.oracle.com/security-alerts/cpuApr2021.html

https://www.oracle.com//security-alerts/cpujul2021.html

https://www.oracle.com/security-alerts/cpuoct2021.html

https://www.oracle.com/security-alerts/cpujan2022.html

https://www.oracle.com/security-alerts/cpuapr2022.html

https://www.oracle.com/security-alerts/cpujul2022.html

Rapid7

Technical Analysis