| Vulnerable Component Details | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Type | Namespace | Name | Version | Package URL | ||||||||||||||
| npm | None | jquery | 3.6.0 | pkg:npm/jquery@3.6.0?package-id=3602725a86d2dfa7 | ||||||||||||||
| Vulnerability Details | ||||||||||||||||||
| ID | CVE-2007-2379 | |||||||||||||||||
| Description | The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking." | |||||||||||||||||
| Ratings |
|
|||||||||||||||||
| Found By | Anchore Grype | |||||||||||||||||
| References / Advisories | ||||||||||||||||||