VulnerableCode Package Details - pkg:maven/org.webjars.npm/jquery-ui@1.12.0

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-19cc-x655-nqcb	High severity vulnerability that affects jquery-ui Withdrawn, accidental duplicate publish. Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.	GHSA-g8q2-24jh-5hpc
VCID-9vq6-hk5n-3bc1	jQuery-UI vulnerable to Cross-site Scripting in dialog closeText Affected versions of `jquery-ui` are vulnerable to a cross-site scripting vulnerability when arbitrary user input is supplied as the value of the `closeText` parameter in the `dialog` function. jQuery-UI is a library for manipulating UI elements via jQuery. Version 1.11.4 has a cross site scripting (XSS) vulnerability in the `closeText` parameter of the `dialog` function. If your application passes user input to this parameter, it may be vulnerable to XSS via this attack vector. ## Recommendation Upgrade to jQuery-UI 1.12.0 or later.	CVE-2016-7103 GHSA-hpcf-8vf9-q4gj

Vulnerability

Summary

Aliases

VCID-19cc-x655-nqcb

High severity vulnerability that affects jquery-ui Withdrawn, accidental duplicate publish. Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.

GHSA-g8q2-24jh-5hpc

VCID-9vq6-hk5n-3bc1

jQuery-UI vulnerable to Cross-site Scripting in dialog closeText Affected versions of `jquery-ui` are vulnerable to a cross-site scripting vulnerability when arbitrary user input is supplied as the value of the `closeText` parameter in the `dialog` function. jQuery-UI is a library for manipulating UI elements via jQuery. Version 1.11.4 has a cross site scripting (XSS) vulnerability in the `closeText` parameter of the `dialog` function. If your application passes user input to this parameter, it may be vulnerable to XSS via this attack vector. ## Recommendation Upgrade to jQuery-UI 1.12.0 or later.

CVE-2016-7103
GHSA-hpcf-8vf9-q4gj

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T12:21:26.166440+00:00	GithubOSV Importer	Fixing	VCID-19cc-x655-nqcb	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/07/GHSA-g8q2-24jh-5hpc/GHSA-g8q2-24jh-5hpc.json	36.1.3
2025-07-01T12:11:53.698917+00:00	GithubOSV Importer	Fixing	VCID-9vq6-hk5n-3bc1	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2017/10/GHSA-hpcf-8vf9-q4gj/GHSA-hpcf-8vf9-q4gj.json	36.1.3

2025-07-01T12:21:26.166440+00:00

GithubOSV Importer

Fixing

VCID-19cc-x655-nqcb

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/07/GHSA-g8q2-24jh-5hpc/GHSA-g8q2-24jh-5hpc.json

36.1.3

2025-07-01T12:11:53.698917+00:00

GithubOSV Importer

Fixing

VCID-9vq6-hk5n-3bc1

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2017/10/GHSA-hpcf-8vf9-q4gj/GHSA-hpcf-8vf9-q4gj.json

36.1.3