Main Vulnerability Database Exploits ID:2958 - Exploit for Prototype pollution in jQuery - CVE-2019-11358

ID:2958 - Exploit for Prototype pollution in jQuery - CVE-2019-11358

Published: June 3, 2020

Vulnerability identifier: #VU18092

Vulnerability risk: Low

CVE-ID: CVE-2019-11358

CWE-ID: CWE-1321

Exploitation vector: Remote access

Vulnerable software:
jQuery

Link to public exploit:

https://github.com/DanielRuf/snyk-js-jquery-565129

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary JavaScript code.

The vulnerability exists due to improper input validation. A remote attacker can pass specially crafted input to the application and perform prototype pollution, which can result in information disclosure or data manipulation.

Remediation

Update to version 3.4.0.

ID:2958 - Exploit for Prototype pollution in jQuery - CVE-2019-11358

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human