| Max CVSS | 6.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-11023 | 4.3 |
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex
|
31-08-2023 - 03:15 | 29-04-2020 - 21:15 | |
| CVE-2020-11022 | 4.3 |
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob
|
31-08-2023 - 03:15 | 29-04-2020 - 22:15 | |
| CVE-2020-13625 | 5.0 |
PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message.
|
20-01-2023 - 20:27 | 08-06-2020 - 17:15 | |
| CVE-2020-14295 | 6.5 |
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.
|
16-11-2022 - 03:50 | 17-06-2020 - 14:15 | |
| CVE-2020-11023 | 4.3 |
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex
|
01-10-2020 - 00:15 | 29-04-2020 - 21:15 | |
| CVE-2020-11022 | 4.3 |
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob
|
25-09-2020 - 20:15 | 29-04-2020 - 22:15 |