CVE-2007-2379

Vulnerable Component Details
Type Namespace Name Version Package URL
npm None jquery 3.6.0 pkg:npm/jquery@3.6.0?package-id=3602725a86d2dfa7
Vulnerability Details
ID CVE-2007-2379
Description The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking."
Ratings
Severity Score Method Vector Source
None None
5.0 CVSSv2 AV:N/AC:L/Au:N/C:P/I:N/A:N
Found By Anchore Grype
References / Advisories