VulnerableCode Package Details - pkg:npm/jquery@1.9.0

Search for packages

Package details: pkg:npm/jquery@1.9.0

Essentials
History (4)

purl	pkg:npm/jquery@1.9.0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-eqnp-x9hd-sqcb	Cross-Site Scripting in jquery Versions of `jquery` prior to 1.9.0 are vulnerable to Cross-Site Scripting. The load method fails to recognize and remove `<script>` HTML tags that contain a whitespace character, i.e: `</script >`, which results in the enclosed script logic to be executed. This allows attackers to execute arbitrary JavaScript in a victim's browser. ## Recommendation Upgrade to version 1.9.0 or later.	CVE-2020-7656 GHSA-q4m3-2j7h-f7xw
VCID-p1ks-k8qn-dfb3	cross-site scripting	CVE-2012-6708 GHSA-2pqj-h3vj-pqgw

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T14:30:23.860135+00:00	GHSA Importer	Fixing	VCID-p1ks-k8qn-dfb3	https://github.com/advisories/GHSA-2pqj-h3vj-pqgw	36.1.3
2025-07-01T14:30:12.946880+00:00	GHSA Importer	Fixing	VCID-eqnp-x9hd-sqcb	https://github.com/advisories/GHSA-q4m3-2j7h-f7xw	36.1.3
2025-07-01T12:17:31.557297+00:00	GithubOSV Importer	Fixing	VCID-eqnp-x9hd-sqcb	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/05/GHSA-q4m3-2j7h-f7xw/GHSA-q4m3-2j7h-f7xw.json	36.1.3
2025-07-01T12:16:33.957662+00:00	GithubOSV Importer	Fixing	VCID-p1ks-k8qn-dfb3	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/09/GHSA-2pqj-h3vj-pqgw/GHSA-2pqj-h3vj-pqgw.json	36.1.3