René's URL Explorer Experiment

Title: CVE-2012-6708 (Medium) detected in jquery.1.4.4.nupkg · Issue #13 · ignatandrei/JavaScriptAndMVVMandMVC · GitHub

Open Graph Title: CVE-2012-6708 (Medium) detected in jquery.1.4.4.nupkg · Issue #13 · ignatandrei/JavaScriptAndMVVMandMVC

X Title: CVE-2012-6708 (Medium) detected in jquery.1.4.4.nupkg · Issue #13 · ignatandrei/JavaScriptAndMVVMandMVC

Description: CVE-2012-6708 - Medium Severity Vulnerability Vulnerable Library - jquery.1.4.4.nupkg jQuery is a fast and concise JavaScript Library that simplifies HTML document traversing, event hand... Library home page: https://api.nuget.org/packag...

Open Graph Description: CVE-2012-6708 - Medium Severity Vulnerability Vulnerable Library - jquery.1.4.4.nupkg jQuery is a fast and concise JavaScript Library that simplifies HTML document traversing, event hand... Library...

X Description: CVE-2012-6708 - Medium Severity Vulnerability Vulnerable Library - jquery.1.4.4.nupkg jQuery is a fast and concise JavaScript Library that simplifies HTML document traversing, event hand... Library...

Opengraph URL: https://github.com/ignatandrei/JavaScriptAndMVVMandMVC/issues/13

X: @github

direct link

Domain: patch-diff.githubusercontent.com

Hey, it has json ld scripts:

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"CVE-2012-6708 (Medium) detected in jquery.1.4.4.nupkg","articleBody":"## CVE-2012-6708 - Medium Severity Vulnerability\n\u003cdetails\u003e\u003csummary\u003e\u003cimg src='https://whitesource-resources.whitesourcesoftware.com/vulnerability_details.png' width=19 height=20\u003e Vulnerable Library - \u003cb\u003ejquery.1.4.4.nupkg\u003c/b\u003e\u003c/p\u003e\u003c/summary\u003e\n\n\u003cp\u003ejQuery is a fast and concise JavaScript Library that simplifies HTML document traversing, event hand...\u003c/p\u003e\n\u003cp\u003eLibrary home page: \u003ca href=\"https://api.nuget.org/packages/jquery.1.4.4.nupkg\"\u003ehttps://api.nuget.org/packages/jquery.1.4.4.nupkg\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003ePath to dependency file: /tmp/ws-scm/JavaScriptAndMVVMandMVC/packages/jQuery.Validation.1.11.1/jQuery.Validation.1.11.1.nuspec\u003c/p\u003e\n\u003cp\u003ePath to vulnerable library: /JavaScriptAndMVVMandMVC/packages/jQuery.Validation.1.11.1/jQuery.Validation.1.11.1.nuspec\u003c/p\u003e\n\u003cp\u003e\n\nDependency Hierarchy:\n  - :x: **jquery.1.4.4.nupkg** (Vulnerable Library)\n\u003cp\u003eFound in HEAD commit: \u003ca href=\"https://github.com/ignatandrei/JavaScriptAndMVVMandMVC/commit/f9885f517c6cbae93e178995ccc1763fbd601b93\"\u003ef9885f517c6cbae93e178995ccc1763fbd601b93\u003c/a\u003e\u003c/p\u003e\n\u003c/p\u003e\n\u003c/details\u003e\n\u003cp\u003e\u003c/p\u003e\n\u003cdetails\u003e\u003csummary\u003e\u003cimg src='https://whitesource-resources.whitesourcesoftware.com/medium_vul.png' width=19 height=20\u003e Vulnerability Details\u003c/summary\u003e\n\u003cp\u003e  \n  \njQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '\u003c' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '\u003c' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.\n\n\u003cp\u003ePublish Date: 2018-01-18\n\u003cp\u003eURL: \u003ca href=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6708\u003eCVE-2012-6708\u003c/a\u003e\u003c/p\u003e\n\u003c/p\u003e\n\u003c/details\u003e\n\u003cp\u003e\u003c/p\u003e\n\u003cdetails\u003e\u003csummary\u003e\u003cimg src='https://whitesource-resources.whitesourcesoftware.com/cvss3.png' width=19 height=20\u003e CVSS 3 Score Details (\u003cb\u003e6.1\u003c/b\u003e)\u003c/summary\u003e\n\u003cp\u003e\n\nBase Score Metrics:\n- Exploitability Metrics:\n  - Attack Vector: Network\n  - Attack Complexity: Low\n  - Privileges Required: None\n  - User Interaction: Required\n  - Scope: Changed\n- Impact Metrics:\n  - Confidentiality Impact: Low\n  - Integrity Impact: Low\n  - Availability Impact: None\n\u003c/p\u003e\nFor more information on CVSS3 Scores, click \u003ca href=\"https://www.first.org/cvss/calculator/3.0\"\u003ehere\u003c/a\u003e.\n\u003c/p\u003e\n\u003c/details\u003e\n\u003cp\u003e\u003c/p\u003e\n\u003cdetails\u003e\u003csummary\u003e\u003cimg src='https://whitesource-resources.whitesourcesoftware.com/suggested_fix.png' width=19 height=20\u003e Suggested Fix\u003c/summary\u003e\n\u003cp\u003e\n\n\u003cp\u003eType: Upgrade version\u003c/p\u003e\n\u003cp\u003eOrigin: \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2012-6708\"\u003ehttps://nvd.nist.gov/vuln/detail/CVE-2012-6708\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eRelease Date: 2018-01-18\u003c/p\u003e\n\u003cp\u003eFix Resolution: jQuery - v1.9.0\u003c/p\u003e\n\n\u003c/p\u003e\n\u003c/details\u003e\n\u003cp\u003e\u003c/p\u003e\n\n***\nStep up your Open Source Security Game with WhiteSource [here](https://www.whitesourcesoftware.com/full_solution_bolt_github)","author":{"url":"https://github.com/mend-bolt-for-github[bot]","@type":"Person","name":"mend-bolt-for-github[bot]"},"datePublished":"2019-11-01T18:48:26.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":0},"url":"https://github.com/13/JavaScriptAndMVVMandMVC/issues/13"}

route-pattern	/_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format)
route-controller	voltron_issues_fragments
route-action	issue_layout
fetch-nonce	v2:2b94e0aa-fc78-80ff-c539-cf136f13958c
current-catalog-service-hash	81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114
request-id	BAF0:19F937:2A5718F:35EF5FF:6991B4E1
html-safe-nonce	776cf45231161cc100359675823132c1d5adb3456c57be4a7b5f84bba4c83383
visitor-payload	eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJCQUYwOjE5RjkzNzoyQTU3MThGOjM1RUY1RkY6Njk5MUI0RTEiLCJ2aXNpdG9yX2lkIjoiMTk5Mjg2ODkxNTkyNDAyMjQ5NyIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9
visitor-hmac	3a1b15c0da17719757ea8f00be455efe4a0fb22f62cc83076bd0119ed40beea0
hovercard-subject-tag	issue:516287331
github-keyboard-shortcuts	repository,issues,copilot
google-site-verification	Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-url	https://collector.github.com/github/collect
analytics-location	///voltron/issues_fragments/issue_layout
fb:app_id	1401488693436528
apple-itunes-app	app-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/ignatandrei/JavaScriptAndMVVMandMVC/13/issue_layout
twitter:image	https://opengraph.githubassets.com/9dcac0d8eca26ddc86ba4ad2f8701d94b5d5b75a531e6163dfaea88507d83199/ignatandrei/JavaScriptAndMVVMandMVC/issues/13
twitter:card	summary_large_image
og:image	https://opengraph.githubassets.com/9dcac0d8eca26ddc86ba4ad2f8701d94b5d5b75a531e6163dfaea88507d83199/ignatandrei/JavaScriptAndMVVMandMVC/issues/13
og:image:alt	CVE-2012-6708 - Medium Severity Vulnerability Vulnerable Library - jquery.1.4.4.nupkg jQuery is a fast and concise JavaScript Library that simplifies HTML document traversing, event hand... Library...
og:image:width	1200
og:image:height	600
og:site_name	GitHub
og:type	object
og:author:username	mend-bolt-for-github[bot]
hostname	github.com
expected-hostname	github.com
None	42c603b9d642c4a9065a51770f75e5e27132fef0e858607f5c9cb7e422831a7b
turbo-cache-control	no-preview
go-import	github.com/ignatandrei/JavaScriptAndMVVMandMVC git https://github.com/ignatandrei/JavaScriptAndMVVMandMVC.git
octolytics-dimension-user_id	153982
octolytics-dimension-user_login	ignatandrei
octolytics-dimension-repository_id	15478526
octolytics-dimension-repository_nwo	ignatandrei/JavaScriptAndMVVMandMVC
octolytics-dimension-repository_public	true
octolytics-dimension-repository_is_fork	false
octolytics-dimension-repository_network_root_id	15478526
octolytics-dimension-repository_network_root_nwo	ignatandrei/JavaScriptAndMVVMandMVC
turbo-body-classes	logged-out env-production page-responsive
disable-turbo	false
browser-stats-url	https://api.github.com/_private/browser/stats
browser-errors-url	https://api.github.com/_private/browser/errors
release	848bc6032dcc93a9a7301dcc3f379a72ba13b96e
ui-target	full
theme-color	#1e2327
color-scheme	light dark

Links:

Skip to content	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/issues/13#start-of-content
	https://patch-diff.githubusercontent.com/
Sign in	https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fignatandrei%2FJavaScriptAndMVVMandMVC%2Fissues%2F13
GitHub CopilotWrite better code with AI	https://github.com/features/copilot
GitHub SparkBuild and deploy intelligent apps	https://github.com/features/spark
GitHub ModelsManage and compare prompts	https://github.com/features/models
MCP RegistryNewIntegrate external tools	https://github.com/mcp
ActionsAutomate any workflow	https://github.com/features/actions
CodespacesInstant dev environments	https://github.com/features/codespaces
IssuesPlan and track work	https://github.com/features/issues
Code ReviewManage code changes	https://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilities	https://github.com/security/advanced-security
Code securitySecure your code as you build	https://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they start	https://github.com/security/advanced-security/secret-protection
Why GitHub	https://github.com/why-github
Documentation	https://docs.github.com
Blog	https://github.blog
Changelog	https://github.blog/changelog
Marketplace	https://github.com/marketplace
View all features	https://github.com/features
Enterprises	https://github.com/enterprise
Small and medium teams	https://github.com/team
Startups	https://github.com/enterprise/startups
Nonprofits	https://github.com/solutions/industry/nonprofits
App Modernization	https://github.com/solutions/use-case/app-modernization
DevSecOps	https://github.com/solutions/use-case/devsecops
DevOps	https://github.com/solutions/use-case/devops
CI/CD	https://github.com/solutions/use-case/ci-cd
View all use cases	https://github.com/solutions/use-case
Healthcare	https://github.com/solutions/industry/healthcare
Financial services	https://github.com/solutions/industry/financial-services
Manufacturing	https://github.com/solutions/industry/manufacturing
Government	https://github.com/solutions/industry/government
View all industries	https://github.com/solutions/industry
View all solutions	https://github.com/solutions
AI	https://github.com/resources/articles?topic=ai
Software Development	https://github.com/resources/articles?topic=software-development
DevOps	https://github.com/resources/articles?topic=devops
Security	https://github.com/resources/articles?topic=security
View all topics	https://github.com/resources/articles
Customer stories	https://github.com/customer-stories
Events & webinars	https://github.com/resources/events
Ebooks & reports	https://github.com/resources/whitepapers
Business insights	https://github.com/solutions/executive-insights
GitHub Skills	https://skills.github.com
Documentation	https://docs.github.com
Customer support	https://support.github.com
Community forum	https://github.com/orgs/community/discussions
Trust center	https://github.com/trust-center
Partners	https://github.com/partners
GitHub SponsorsFund open source developers	https://github.com/sponsors
Security Lab	https://securitylab.github.com
Maintainer Community	https://maintainers.github.com
Accelerator	https://github.com/accelerator
Archive Program	https://archiveprogram.github.com
Topics	https://github.com/topics
Trending	https://github.com/trending
Collections	https://github.com/collections
Enterprise platformAI-powered developer platform	https://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security features	https://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI features	https://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 support	https://github.com/premium-support
Pricing	https://github.com/pricing
Search syntax tips	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentation	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in	https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fignatandrei%2FJavaScriptAndMVVMandMVC%2Fissues%2F13
Sign up	https://patch-diff.githubusercontent.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fissues_fragments%2Fissue_layout&source=header-repo&source_repo=ignatandrei%2FJavaScriptAndMVVMandMVC
Reload	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/issues/13
Reload	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/issues/13
Reload	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/issues/13
ignatandrei	https://patch-diff.githubusercontent.com/ignatandrei
JavaScriptAndMVVMandMVC	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC
Notifications	https://patch-diff.githubusercontent.com/login?return_to=%2Fignatandrei%2FJavaScriptAndMVVMandMVC
Fork 2	https://patch-diff.githubusercontent.com/login?return_to=%2Fignatandrei%2FJavaScriptAndMVVMandMVC
Star 0	https://patch-diff.githubusercontent.com/login?return_to=%2Fignatandrei%2FJavaScriptAndMVVMandMVC
Code	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC
Issues 21	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/issues
Pull requests 6	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/pulls
Actions	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/actions
Projects 0	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/projects
Wiki	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/wiki
Security 0	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/security
Insights	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/pulse
Code	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC
Issues	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/issues
Pull requests	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/pulls
Actions	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/actions
Projects	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/projects
Wiki	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/wiki
Security	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/security
Insights	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/pulse
New issue	https://patch-diff.githubusercontent.com/login?return_to=https://github.com/ignatandrei/JavaScriptAndMVVMandMVC/issues/13
New issue	https://patch-diff.githubusercontent.com/login?return_to=https://github.com/ignatandrei/JavaScriptAndMVVMandMVC/issues/13
CVE-2012-6708 (Medium) detected in jquery.1.4.4.nupkg	https://patch-diff.githubusercontent.com/ignatandrei/JavaScriptAndMVVMandMVC/issues/13#top
security vulnerabilitySecurity vulnerability detected by WhiteSource	https://github.com/ignatandrei/JavaScriptAndMVVMandMVC/issues?q=state%3Aopen%20label%3A%22security%20vulnerability%22
	https://github.com/apps/mend-bolt-for-github
	https://github.com/apps/mend-bolt-for-github
mend-bolt-for-github	https://github.com/apps/mend-bolt-for-github
on Nov 1, 2019	https://github.com/ignatandrei/JavaScriptAndMVVMandMVC/issues/13#issue-516287331
CVE-2012-6708	https://github.com/advisories/GHSA-2pqj-h3vj-pqgw
	https://camo.githubusercontent.com/7f707ecbb163ab74b555da5daea2f4e73596a00ea0f498a511bb2245fe6dcafc/68747470733a2f2f7768697465736f757263652d7265736f75726365732e7768697465736f75726365736f6674776172652e636f6d2f76756c6e65726162696c6974795f64657461696c732e706e67
https://api.nuget.org/packages/jquery.1.4.4.nupkg	https://api.nuget.org/packages/jquery.1.4.4.nupkg
f9885f517c6cbae93e178995ccc1763fbd601b93	https://github.com/ignatandrei/JavaScriptAndMVVMandMVC/commit/f9885f517c6cbae93e178995ccc1763fbd601b93
	https://camo.githubusercontent.com/1dbe807ae3be1590d27523cd4e02c03a8d07e1dff49ec0084294a2c006984b4c/68747470733a2f2f7768697465736f757263652d7265736f75726365732e7768697465736f75726365736f6674776172652e636f6d2f6d656469756d5f76756c2e706e67
CVE-2012-6708	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6708
	https://camo.githubusercontent.com/8b05d7d0c83d5dc1f3422d1e4497c6a700365c61fc1dd1e3769cd369cdeb63a5/68747470733a2f2f7768697465736f757263652d7265736f75726365732e7768697465736f75726365736f6674776172652e636f6d2f63767373332e706e67
here	https://www.first.org/cvss/calculator/3.0
	https://camo.githubusercontent.com/a06e014122a02d3958748cbca226e8fc721aaef2a61d9ec4be1c79248702fdd7/68747470733a2f2f7768697465736f757263652d7265736f75726365732e7768697465736f75726365736f6674776172652e636f6d2f7375676765737465645f6669782e706e67
https://nvd.nist.gov/vuln/detail/CVE-2012-6708	https://nvd.nist.gov/vuln/detail/CVE-2012-6708
here	https://www.whitesourcesoftware.com/full_solution_bolt_github
security vulnerabilitySecurity vulnerability detected by WhiteSource	https://github.com/ignatandrei/JavaScriptAndMVVMandMVC/issues?q=state%3Aopen%20label%3A%22security%20vulnerability%22
	https://github.com
Terms	https://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacy	https://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Security	https://github.com/security
Status	https://www.githubstatus.com/
Community	https://github.community/
Docs	https://docs.github.com/
Contact	https://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.